VirtualBox

Ticket #17296: VBoxHardening.log

File VBoxHardening.log, 160.1 KB (added by danielguenzel, 7 years ago)
Line 
12e94.2e20: Log file opened: 5.2.0r118431 g_hStartupLog=0000000000000178 g_uNtVerCombined=0xa0383900
22e94.2e20: \SystemRoot\System32\ntdll.dll:
32e94.2e20: CreationTime: 2017-10-16T14:31:48.779932500Z
42e94.2e20: LastWriteTime: 2017-09-07T06:03:35.589628500Z
52e94.2e20: ChangeTime: 2017-11-10T09:00:37.540950700Z
62e94.2e20: FileAttributes: 0x20
72e94.2e20: Size: 0x1cccb0
82e94.2e20: NT Headers: 0xd8
92e94.2e20: Timestamp: 0x59b0d03e
102e94.2e20: Machine: 0x8664 - amd64
112e94.2e20: Timestamp: 0x59b0d03e
122e94.2e20: Image Version: 10.0
132e94.2e20: SizeOfImage: 0x1d2000 (1908736)
142e94.2e20: Resource Dir: 0x169000 LB 0x67a50
152e94.2e20: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
162e94.2e20: [Raw version resource data: 0x1690f0 LB 0x398, codepage 0x0 (reserved 0x0)]
172e94.2e20: ProductName: Microsoft® Windows® Operating System
182e94.2e20: ProductVersion: 10.0.14393.1715
192e94.2e20: FileVersion: 10.0.14393.1715 (rs1_release_inmarket.170906-1810)
202e94.2e20: FileDescription: NT Layer DLL
212e94.2e20: \SystemRoot\System32\kernel32.dll:
222e94.2e20: CreationTime: 2017-07-25T12:40:12.002291400Z
232e94.2e20: LastWriteTime: 2017-04-28T00:49:43.332433600Z
242e94.2e20: ChangeTime: 2017-11-10T09:00:36.613513700Z
252e94.2e20: FileAttributes: 0x20
262e94.2e20: Size: 0xab208
272e94.2e20: NT Headers: 0xf0
282e94.2e20: Timestamp: 0x59028368
292e94.2e20: Machine: 0x8664 - amd64
302e94.2e20: Timestamp: 0x59028368
312e94.2e20: Image Version: 10.0
322e94.2e20: SizeOfImage: 0xac000 (704512)
332e94.2e20: Resource Dir: 0xaa000 LB 0x530
342e94.2e20: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
352e94.2e20: [Raw version resource data: 0xaa0b0 LB 0x3b4, codepage 0x0 (reserved 0x0)]
362e94.2e20: ProductName: Microsoft® Windows® Operating System
372e94.2e20: ProductVersion: 10.0.14393.1198
382e94.2e20: FileVersion: 10.0.14393.1198 (rs1_release_sec.170427-1353)
392e94.2e20: FileDescription: Windows NT BASE API Client DLL
402e94.2e20: \SystemRoot\System32\KernelBase.dll:
412e94.2e20: CreationTime: 2017-11-10T08:08:16.552014300Z
422e94.2e20: LastWriteTime: 2017-09-18T03:09:13.383806400Z
432e94.2e20: ChangeTime: 2017-11-10T16:28:37.631925100Z
442e94.2e20: FileAttributes: 0x20
452e94.2e20: Size: 0x21c780
462e94.2e20: NT Headers: 0xf8
472e94.2e20: Timestamp: 0x59bf2ba6
482e94.2e20: Machine: 0x8664 - amd64
492e94.2e20: Timestamp: 0x59bf2ba6
502e94.2e20: Image Version: 10.0
512e94.2e20: SizeOfImage: 0x21d000 (2215936)
522e94.2e20: Resource Dir: 0x201000 LB 0x550
532e94.2e20: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
542e94.2e20: [Raw version resource data: 0x2010b0 LB 0x3c4, codepage 0x0 (reserved 0x0)]
552e94.2e20: ProductName: Microsoft® Windows® Operating System
562e94.2e20: ProductVersion: 10.0.14393.1770
572e94.2e20: FileVersion: 10.0.14393.1770 (rs1_release.170917-1700)
582e94.2e20: FileDescription: Windows NT BASE API Client DLL
592e94.2e20: \SystemRoot\System32\apisetschema.dll:
602e94.2e20: CreationTime: 2017-08-08T19:01:46.951706100Z
612e94.2e20: LastWriteTime: 2017-07-12T06:15:56.983190800Z
622e94.2e20: ChangeTime: 2017-11-10T09:00:37.432521900Z
632e94.2e20: FileAttributes: 0x20
642e94.2e20: Size: 0x18b60
652e94.2e20: NT Headers: 0xc8
662e94.2e20: Timestamp: 0x5965b2bd
672e94.2e20: Machine: 0x8664 - amd64
682e94.2e20: Timestamp: 0x5965b2bd
692e94.2e20: Image Version: 10.0
702e94.2e20: SizeOfImage: 0x19000 (102400)
712e94.2e20: Resource Dir: 0x18000 LB 0x408
722e94.2e20: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
732e94.2e20: [Raw version resource data: 0x18060 LB 0x3a4, codepage 0x0 (reserved 0x0)]
742e94.2e20: ProductName: Microsoft® Windows® Operating System
752e94.2e20: ProductVersion: 10.0.14393.1532
762e94.2e20: FileVersion: 10.0.14393.1532 (rs1_release_d.170711-1840)
772e94.2e20: FileDescription: ApiSet Schema DLL
782e94.2e20: NtOpenDirectoryObject failed on \Driver: 0xc0000022
792e94.2e20: supR3HardenedWinFindAdversaries: 0x18003
802e94.2e20: \SystemRoot\System32\drivers\SysPlant.sys:
812e94.2e20: CreationTime: 2017-07-26T04:30:24.302216200Z
822e94.2e20: LastWriteTime: 2017-07-26T04:30:24.317842400Z
832e94.2e20: ChangeTime: 2017-07-26T04:30:24.317842400Z
842e94.2e20: FileAttributes: 0x20
852e94.2e20: Size: 0x2b9a8
862e94.2e20: NT Headers: 0x100
872e94.2e20: Timestamp: 0x576a282d
882e94.2e20: Machine: 0x8664 - amd64
892e94.2e20: Timestamp: 0x576a282d
902e94.2e20: Image Version: 5.0
912e94.2e20: SizeOfImage: 0x30000 (196608)
922e94.2e20: Resource Dir: 0x2e000 LB 0x498
932e94.2e20: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
942e94.2e20: [Raw version resource data: 0x2e0b8 LB 0x3e0, codepage 0x4e4 (reserved 0x0)]
952e94.2e20: ProductName: Symantec CMC Firewall
962e94.2e20: ProductVersion: 12.1.7004.6500
972e94.2e20: FileVersion: 12.1.7004.6500
982e94.2e20: FileDescription: Symantec CMC Firewall SysPlant
992e94.2e20: \SystemRoot\System32\sysfer.dll:
1002e94.2e20: CreationTime: 2017-07-26T04:30:24.239715000Z
1012e94.2e20: LastWriteTime: 2017-07-26T04:30:24.286591600Z
1022e94.2e20: ChangeTime: 2017-07-26T04:30:24.286591600Z
1032e94.2e20: FileAttributes: 0x20
1042e94.2e20: Size: 0x73728
1052e94.2e20: NT Headers: 0xf0
1062e94.2e20: Timestamp: 0x576a2837
1072e94.2e20: Machine: 0x8664 - amd64
1082e94.2e20: Timestamp: 0x576a2837
1092e94.2e20: Image Version: 0.0
1102e94.2e20: SizeOfImage: 0x89000 (561152)
1112e94.2e20: Resource Dir: 0x87000 LB 0x630
1122e94.2e20: [Version info resource found at 0xc8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1132e94.2e20: [Raw version resource data: 0x87100 LB 0x3d4, codepage 0x4e4 (reserved 0x0)]
1142e94.2e20: ProductName: Symantec CMC Firewall
1152e94.2e20: ProductVersion: 12.1.7004.6500
1162e94.2e20: FileVersion: 12.1.7004.6500
1172e94.2e20: FileDescription: Symantec CMC Firewall sysfer
1182e94.2e20: \SystemRoot\System32\drivers\symevent64x86.sys:
1192e94.2e20: CreationTime: 2017-07-26T04:31:22.476758300Z
1202e94.2e20: LastWriteTime: 2017-07-26T04:31:22.273624600Z
1212e94.2e20: ChangeTime: 2017-07-26T04:31:22.273624600Z
1222e94.2e20: FileAttributes: 0x20
1232e94.2e20: Size: 0x2b8d8
1242e94.2e20: NT Headers: 0xe8
1252e94.2e20: Timestamp: 0x54b87d44
1262e94.2e20: Machine: 0x8664 - amd64
1272e94.2e20: Timestamp: 0x54b87d44
1282e94.2e20: Image Version: 6.0
1292e94.2e20: SizeOfImage: 0x38000 (229376)
1302e94.2e20: Resource Dir: 0x36000 LB 0x3c8
1312e94.2e20: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
1322e94.2e20: [Raw version resource data: 0x360b8 LB 0x310, codepage 0x4e4 (reserved 0x0)]
1332e94.2e20: ProductName: SYMEVENT
1342e94.2e20: ProductVersion: 12.9.6.12
1352e94.2e20: FileVersion: 12.9.6.12
1362e94.2e20: FileDescription: Symantec Event Library
1372e94.2e20: \SystemRoot\System32\drivers\cyprotectdrv64.sys:
1382e94.2e20: CreationTime: 2017-10-24T15:31:18.834773900Z
1392e94.2e20: LastWriteTime: 2017-11-09T07:36:41.344755100Z
1402e94.2e20: ChangeTime: 2017-11-20T09:19:02.498899900Z
1412e94.2e20: FileAttributes: 0x20
1422e94.2e20: Size: 0x30be8
1432e94.2e20: NT Headers: 0x100
1442e94.2e20: Timestamp: 0x59f8fc8d
1452e94.2e20: Machine: 0x8664 - amd64
1462e94.2e20: Timestamp: 0x59f8fc8d
1472e94.2e20: Image Version: 6.1
1482e94.2e20: SizeOfImage: 0x131000 (1249280)
1492e94.2e20: Resource Dir: 0x12f000 LB 0x2f0
1502e94.2e20: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1512e94.2e20: [Raw version resource data: 0x12f060 LB 0x28c, codepage 0x0 (reserved 0x0)]
1522e94.2e20: ProductName: CylancePROTECT
1532e94.2e20: ProductVersion: 2.0.1460.27
1542e94.2e20: FileVersion: 2.0.1460.27
1552e94.2e20: FileDescription: Cylance Protect Driver
1562e94.2e20: \SystemRoot\System32\drivers\privman.sys:
1572e94.2e20: CreationTime: 2017-11-20T07:52:55.503152200Z
1582e94.2e20: LastWriteTime: 2017-10-11T16:51:26.000000000Z
1592e94.2e20: ChangeTime: 2017-11-20T09:31:19.898387200Z
1602e94.2e20: FileAttributes: 0x20
1612e94.2e20: Size: 0x10618
1622e94.2e20: NT Headers: 0x100
1632e94.2e20: Timestamp: 0x59deb541
1642e94.2e20: Machine: 0x8664 - amd64
1652e94.2e20: Timestamp: 0x59deb541
1662e94.2e20: Image Version: 6.1
1672e94.2e20: SizeOfImage: 0xf000 (61440)
1682e94.2e20: Resource Dir: 0xb000 LB 0x2fa8
1692e94.2e20: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x0)]
1702e94.2e20: [Raw version resource data: 0xb0a0 LB 0x33c, codepage 0x0 (reserved 0x0)]
1712e94.2e20: ProductName: PowerBroker for Windows
1722e94.2e20: ProductVersion: 7.3.1.0
1732e94.2e20: FileVersion: 7.3.1.0
1742e94.2e20: FileDescription: PowerBroker for Windows
1752e94.2e20: \SystemRoot\System32\privman64.dll:
1762e94.2e20: CreationTime: 2017-10-11T20:32:50.000000000Z
1772e94.2e20: LastWriteTime: 2017-10-11T20:32:50.000000000Z
1782e94.2e20: ChangeTime: 2017-11-20T09:31:19.913099000Z
1792e94.2e20: FileAttributes: 0x20
1802e94.2e20: Size: 0x39340
1812e94.2e20: NT Headers: 0xf8
1822e94.2e20: Timestamp: 0x59deb4c7
1832e94.2e20: Machine: 0x8664 - amd64
1842e94.2e20: Timestamp: 0x59deb4c7
1852e94.2e20: Image Version: 0.0
1862e94.2e20: SizeOfImage: 0x3b000 (241664)
1872e94.2e20: Resource Dir: 0x39000 LB 0x578
1882e94.2e20: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x0)]
1892e94.2e20: [Raw version resource data: 0x390a0 LB 0x37c, codepage 0x4e4 (reserved 0x0)]
1902e94.2e20: ProductName: PowerBroker for Windows
1912e94.2e20: ProductVersion: 7.3.1.0
1922e94.2e20: FileVersion: 7.3.1.0
1932e94.2e20: FileDescription: BeyondTrust PowerBroker for Windows DLL
1942e94.2e20: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
1952e94.2e20: Calling main()
1962e94.2e20: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
1972e94.2e20: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
1982e94.2e20: SUPR3HardenedMain: Respawn #1
1992e94.2e20: System32: \Device\HarddiskVolume1\Windows\System32
2002e94.2e20: WinSxS: \Device\HarddiskVolume1\Windows\WinSxS
2012e94.2e20: KnownDllPath: C:\WINDOWS\System32
2022e94.2e20: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2032e94.2e20: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2042e94.2e20: supR3HardNtEnableThreadCreation:
2052e94.2e20: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbb7c99f60 pvNtTerminateThread=00007ffbb7cc6af0
2062e94.2e20: supR3HardenedWinDoReSpawn(1): New child 3718.38f8 [kernel32].
2072e94.2e20: supR3HardNtChildGatherData: PebBaseAddress=0000000000ae2000 cbPeb=0x388
2082e94.2e20: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffbb7c20000 uNtDllChildAddr=00007ffbb7c20000
2092e94.2e20: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffbb7c99f60
2102e94.2e20: supR3HardenedWinSetupChildInit: Start child.
2112e94.2e20: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
2122e94.2e20: supR3HardNtChildPurify: Startup delay kludge #1/0: 518 ms, 59 sleeps
2132e94.2e20: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2142e94.2e20: *0000000000000000-000000000093ffff 0x0001/0x0000 0x0000000
2152e94.2e20: *0000000000940000-000000000095ffff 0x0004/0x0004 0x0020000
2162e94.2e20: *0000000000960000-0000000000975fff 0x0002/0x0002 0x0040000
2172e94.2e20: 0000000000976000-000000000097ffff 0x0001/0x0000 0x0000000
2182e94.2e20: *0000000000980000-0000000000983fff 0x0002/0x0002 0x0040000
2192e94.2e20: 0000000000984000-000000000098ffff 0x0001/0x0000 0x0000000
2202e94.2e20: *0000000000990000-0000000000991fff 0x0004/0x0004 0x0020000
2212e94.2e20: 0000000000992000-00000000009fffff 0x0001/0x0000 0x0000000
2222e94.2e20: *0000000000a00000-0000000000ae1fff 0x0000/0x0004 0x0020000
2232e94.2e20: 0000000000ae2000-0000000000ae4fff 0x0004/0x0004 0x0020000
2242e94.2e20: 0000000000ae5000-0000000000bfffff 0x0000/0x0004 0x0020000
2252e94.2e20: *0000000000c00000-0000000000cfafff 0x0000/0x0004 0x0020000
2262e94.2e20: 0000000000cfb000-0000000000cfdfff 0x0104/0x0004 0x0020000
2272e94.2e20: 0000000000cfe000-0000000000cfffff 0x0004/0x0004 0x0020000
2282e94.2e20: 0000000000d00000-000000007ffdffff 0x0001/0x0000 0x0000000
2292e94.2e20: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2302e94.2e20: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
2312e94.2e20: 000000007fff0000-00007ff786f4ffff 0x0001/0x0000 0x0000000
2322e94.2e20: *00007ff786f50000-00007ff786f72fff 0x0002/0x0002 0x0040000
2332e94.2e20: 00007ff786f73000-00007ff787f4ffff 0x0001/0x0000 0x0000000
2342e94.2e20: *00007ff787f50000-00007ff787f50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2352e94.2e20: 00007ff787f51000-00007ff787fc1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2362e94.2e20: 00007ff787fc2000-00007ff787fc2fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2372e94.2e20: 00007ff787fc3000-00007ff788008fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2382e94.2e20: 00007ff788009000-00007ff788009fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2392e94.2e20: 00007ff78800a000-00007ff78800afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2402e94.2e20: 00007ff78800b000-00007ff78800ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2412e94.2e20: 00007ff788010000-00007ff788010fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2422e94.2e20: 00007ff788011000-00007ff788011fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2432e94.2e20: 00007ff788012000-00007ff788015fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2442e94.2e20: 00007ff788016000-00007ff78805dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2452e94.2e20: 00007ff78805e000-00007ffbb7c1ffff 0x0001/0x0000 0x0000000
2462e94.2e20: *00007ffbb7c20000-00007ffbb7c20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2472e94.2e20: 00007ffbb7c21000-00007ffbb7d28fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2482e94.2e20: 00007ffbb7d29000-00007ffbb7d6cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2492e94.2e20: 00007ffbb7d6d000-00007ffbb7d75fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2502e94.2e20: 00007ffbb7d76000-00007ffbb7d83fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2512e94.2e20: 00007ffbb7d84000-00007ffbb7d84fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2522e94.2e20: 00007ffbb7d85000-00007ffbb7d87fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2532e94.2e20: 00007ffbb7d88000-00007ffbb7df1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume1\Windows\System32\ntdll.dll
2542e94.2e20: 00007ffbb7df2000-00007ffffffdffff 0x0001/0x0000 0x0000000
2552e94.2e20: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
2562e94.2e20: VirtualBox.exe: timestamp 0x59e6e5d5 (rc=VINF_SUCCESS)
2572e94.2e20: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2582e94.2e20: '\Device\HarddiskVolume1\Windows\System32\ntdll.dll' has no imports
2592e94.2e20: supR3HardNtChildPurify: Done after 602 ms and 0 fixes (loop #0).
2602e94.2e20: supR3HardNtEnableThreadCreation:
2613718.38f8: Log file opened: 5.2.0r118431 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0383900
2623718.38f8: supR3HardenedVmProcessInit: uNtDllAddr=00007ffbb7c20000 g_uNtVerCombined=0xa0383900
2633718.38f8: ntdll.dll: timestamp 0x59b0d03e (rc=VINF_SUCCESS)
2643718.38f8: New simple heap: #1 0000000000e00000 LB 0x400000 (for 1908736 allocation)
2653718.38f8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
2663718.38f8: System32: \Device\HarddiskVolume1\Windows\System32
2673718.38f8: WinSxS: \Device\HarddiskVolume1\Windows\WinSxS
2683718.38f8: KnownDllPath: C:\WINDOWS\System32
2693718.38f8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2703718.38f8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2713718.38f8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2723718.38f8: Registered Dll notification callback with NTDLL.
2733718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\kernel32.dll)
2743718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel32.dll
2753718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
2763718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb4a90000 LB 0x0021d000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
2773718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\KernelBase.dll)
2783718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\KernelBase.dll
2793718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb59d0000 LB 0x000ac000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
2803718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2813718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb59d0000 'C:\WINDOWS\System32\KERNEL32.DLL'
2823718.38f8: supR3HardenedDllNotificationCallback: load 00007ff787f50000 LB 0x0010e000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
2833718.38f8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
2843718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
2853718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe
2863718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'rpcrt4.dll'.
2873718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'version.dll'.
2883718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2893718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2903718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'.
2913718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shlwapi.dll'.
2923718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'userenv.dll'.
2933718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\privman64.dll)
2943718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\privman64.dll
2953718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
2963718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume1\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
2973718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2983718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'profapi.dll'.
2993718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\userenv.dll)
3003718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\userenv.dll
3013718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
3023718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
3033718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
3043718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'gdi32.dll'.
3053718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'user32.dll'.
3063718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\shlwapi.dll)
3073718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shlwapi.dll
3083718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
3093718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
3103718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3113718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #66 'user32.dll'.
3123718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #68 'gdi32.dll'.
3133718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\shell32.dll)
3143718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\shell32.dll
3153718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3163718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3173718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3183718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
3193718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
3203718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\advapi32.dll)
3213718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\advapi32.dll
3223718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3233718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3243718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
3253718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'gdi32.dll'.
3263718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\user32.dll)
3273718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\user32.dll
3283718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
3293718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume1\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
3303718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3313718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\version.dll)
3323718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\version.dll
3333718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3343718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3353718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll)
3363718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll
3373718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3383718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3393718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msvcrt.dll)
3403718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcrt.dll
3413718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3423718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3433718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\gdi32.dll)
3443718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32.dll
3453718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
3463718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume1\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
3473718.38f8: '\Device\HarddiskVolume1\Windows\System32\win32u.dll' has no imports
3483718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\win32u.dll)
3493718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\win32u.dll
3503718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3513718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3523718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
3533718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
3543718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume1\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
3553718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
3563718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\sechost.dll)
3573718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\sechost.dll
3583718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3593718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3603718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
3613718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3623718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3633718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
3643718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3653718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3663718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
3673718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3683718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3693718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
3703718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3713718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3723718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
3733718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3743718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3753718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
3763718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3773718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3783718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
3793718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
3803718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
3813718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\profapi.dll)
3823718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\profapi.dll
3833718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3843718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3853718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
3863718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3873718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3883718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
3893718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\privman64.dll (Input=privman64.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3903718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\privman64.dll [lacks WinVerifyTrust]
3913718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll [lacks WinVerifyTrust]
3923718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
3933718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb5ab0000 LB 0x00121000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
3943718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
3953718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb57b0000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
3963718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
3973718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb3ef0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\VERSION.dll [fFlags=0x0]
3983718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\version.dll [lacks WinVerifyTrust]
3993718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb4f10000 LB 0x0001e000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
4003718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\win32u.dll [lacks WinVerifyTrust]
4013718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb4190000 LB 0x00180000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
4023718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'gdi32.dll'.
4033718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
4043718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'win32u.dll'.
4053718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\gdi32full.dll)
4063718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\gdi32full.dll
4073718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb7800000 LB 0x00034000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
4083718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
4093718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb5640000 LB 0x00165000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
4103718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
4113718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb51b0000 LB 0x00059000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
4123718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\sechost.dll [lacks WinVerifyTrust]
4133718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb7840000 LB 0x000a2000 C:\WINDOWS\System32\ADVAPI32.dll [fFlags=0x0]
4143718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
4153718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb5100000 LB 0x00042000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
4163718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll)
4173718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cfgmgr32.dll
4183718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb4cb0000 LB 0x000f5000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
4193718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ucrtbase.dll)
4203718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ucrtbase.dll
4213718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb4120000 LB 0x0006a000 C:\WINDOWS\System32\bcryptPrimitives.dll [fFlags=0x0]
4223718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll)
4233718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll
4243718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb5d80000 LB 0x002c8000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
4253718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
4263718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'bcryptprimitives.dll'.
4273718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\combase.dll)
4283718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\combase.dll
4293718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb40d0000 LB 0x0004c000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
4303718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
4313718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\powrprof.dll)
4323718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\powrprof.dll
4333718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb77a0000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
4343718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
4353718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb40b0000 LB 0x0000f000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
4363718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
4373718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
4383718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\kernel.appcore.dll)
4393718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\kernel.appcore.dll
4403718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb4db0000 LB 0x000a9000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
4413718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4423718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
4433718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'combase.dll'.
4443718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\SHCore.dll)
4453718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\SHCore.dll
4463718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb4090000 LB 0x00014000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
4473718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
4483718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb43b0000 LB 0x006d8000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
4493718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4503718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
4513718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'combase.dll'.
4523718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #63 'profapi.dll'.
4533718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\windows.storage.dll)
4543718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\windows.storage.dll
4553718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb60c0000 LB 0x01508000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
4563718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll [lacks WinVerifyTrust]
4573718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb3ed0000 LB 0x0001f000 C:\WINDOWS\SYSTEM32\USERENV.dll [fFlags=0x0]
4583718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\userenv.dll [lacks WinVerifyTrust]
4593718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb3f00000 LB 0x0003b000 C:\WINDOWS\System32\privman64.dll [fFlags=0x0]
4603718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\privman64.dll [lacks WinVerifyTrust]
4613718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
4623718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'win32u.dll'.
4633718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\imm32.dll)
4643718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\imm32.dll
4653718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
4663718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume1\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
4673718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\win32u.dll [lacks WinVerifyTrust]
4683718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
4693718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
4703718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
4713718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
4723718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
4733718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\profapi.dll [lacks WinVerifyTrust]
4743718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4753718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume1\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4763718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\combase.dll [lacks WinVerifyTrust]
4773718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4783718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4793718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4803718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4813718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4823718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4833718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
4843718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume1\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
4853718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\combase.dll [lacks WinVerifyTrust]
4863718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4873718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4883718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4893718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4903718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4913718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4923718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4933718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4943718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4953718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4963718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4973718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4983718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4993718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5003718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5013718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
5023718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
5033718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
5043718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5053718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5063718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5073718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
5083718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume1\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
5093718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\win32u.dll [lacks WinVerifyTrust]
5103718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
5113718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
5123718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
5133718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
5143718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
5153718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
5163718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
5173718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb5a80000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
5183718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
5193718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb5a80000 'C:\WINDOWS\system32\IMM32.DLL'
5203718.38f8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
5213718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5223718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4a90000 'api-ms-win-core-synch-l1-2-0'
5233718.38f8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
5243718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5253718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4a90000 'api-ms-win-core-fibers-l1-1-1'
5263718.38f8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
5273718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5283718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4a90000 'api-ms-win-core-fibers-l1-1-1'
5293718.38f8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
5303718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5313718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4a90000 'api-ms-win-core-synch-l1-2-0'
5323718.38f8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
5333718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5343718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4a90000 'api-ms-win-core-localization-l1-2-1'
5353718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5363718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5373718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb59d0000 'C:\WINDOWS\System32\kernel32.dll'
5383718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb3f00000 'C:\WINDOWS\System32\privman64.dll'
5393718.38f8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbb7c99f60 pvNtTerminateThread=00007ffbb7cc6af0
5402e94.2e20: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 616 ms.
5413718.38f8: \SystemRoot\System32\ntdll.dll:
5423718.38f8: CreationTime: 2017-10-16T14:31:48.779932500Z
5433718.38f8: LastWriteTime: 2017-09-07T06:03:35.589628500Z
5443718.38f8: ChangeTime: 2017-11-10T09:00:37.540950700Z
5453718.38f8: FileAttributes: 0x20
5463718.38f8: Size: 0x1cccb0
5473718.38f8: NT Headers: 0xd8
5483718.38f8: Timestamp: 0x59b0d03e
5493718.38f8: Machine: 0x8664 - amd64
5503718.38f8: Timestamp: 0x59b0d03e
5513718.38f8: Image Version: 10.0
5523718.38f8: SizeOfImage: 0x1d2000 (1908736)
5533718.38f8: Resource Dir: 0x169000 LB 0x67a50
5543718.38f8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
5553718.38f8: [Raw version resource data: 0x1690f0 LB 0x398, codepage 0x0 (reserved 0x0)]
5563718.38f8: ProductName: Microsoft® Windows® Operating System
5573718.38f8: ProductVersion: 10.0.14393.1715
5583718.38f8: FileVersion: 10.0.14393.1715 (rs1_release_inmarket.170906-1810)
5593718.38f8: FileDescription: NT Layer DLL
5603718.38f8: \SystemRoot\System32\kernel32.dll:
5613718.38f8: CreationTime: 2017-07-25T12:40:12.002291400Z
5623718.38f8: LastWriteTime: 2017-04-28T00:49:43.332433600Z
5633718.38f8: ChangeTime: 2017-11-10T09:00:36.613513700Z
5643718.38f8: FileAttributes: 0x20
5653718.38f8: Size: 0xab208
5663718.38f8: NT Headers: 0xf0
5673718.38f8: Timestamp: 0x59028368
5683718.38f8: Machine: 0x8664 - amd64
5693718.38f8: Timestamp: 0x59028368
5703718.38f8: Image Version: 10.0
5713718.38f8: SizeOfImage: 0xac000 (704512)
5723718.38f8: Resource Dir: 0xaa000 LB 0x530
5733718.38f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5743718.38f8: [Raw version resource data: 0xaa0b0 LB 0x3b4, codepage 0x0 (reserved 0x0)]
5753718.38f8: ProductName: Microsoft® Windows® Operating System
5763718.38f8: ProductVersion: 10.0.14393.1198
5773718.38f8: FileVersion: 10.0.14393.1198 (rs1_release_sec.170427-1353)
5783718.38f8: FileDescription: Windows NT BASE API Client DLL
5793718.38f8: \SystemRoot\System32\KernelBase.dll:
5803718.38f8: CreationTime: 2017-11-10T08:08:16.552014300Z
5813718.38f8: LastWriteTime: 2017-09-18T03:09:13.383806400Z
5823718.38f8: ChangeTime: 2017-11-10T16:28:37.631925100Z
5833718.38f8: FileAttributes: 0x20
5843718.38f8: Size: 0x21c780
5853718.38f8: NT Headers: 0xf8
5863718.38f8: Timestamp: 0x59bf2ba6
5873718.38f8: Machine: 0x8664 - amd64
5883718.38f8: Timestamp: 0x59bf2ba6
5893718.38f8: Image Version: 10.0
5903718.38f8: SizeOfImage: 0x21d000 (2215936)
5913718.38f8: Resource Dir: 0x201000 LB 0x550
5923718.38f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5933718.38f8: [Raw version resource data: 0x2010b0 LB 0x3c4, codepage 0x0 (reserved 0x0)]
5943718.38f8: ProductName: Microsoft® Windows® Operating System
5953718.38f8: ProductVersion: 10.0.14393.1770
5963718.38f8: FileVersion: 10.0.14393.1770 (rs1_release.170917-1700)
5973718.38f8: FileDescription: Windows NT BASE API Client DLL
5983718.38f8: \SystemRoot\System32\apisetschema.dll:
5993718.38f8: CreationTime: 2017-08-08T19:01:46.951706100Z
6003718.38f8: LastWriteTime: 2017-07-12T06:15:56.983190800Z
6013718.38f8: ChangeTime: 2017-11-10T09:00:37.432521900Z
6023718.38f8: FileAttributes: 0x20
6033718.38f8: Size: 0x18b60
6043718.38f8: NT Headers: 0xc8
6053718.38f8: Timestamp: 0x5965b2bd
6063718.38f8: Machine: 0x8664 - amd64
6073718.38f8: Timestamp: 0x5965b2bd
6083718.38f8: Image Version: 10.0
6093718.38f8: SizeOfImage: 0x19000 (102400)
6103718.38f8: Resource Dir: 0x18000 LB 0x408
6113718.38f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
6123718.38f8: [Raw version resource data: 0x18060 LB 0x3a4, codepage 0x0 (reserved 0x0)]
6133718.38f8: ProductName: Microsoft® Windows® Operating System
6143718.38f8: ProductVersion: 10.0.14393.1532
6153718.38f8: FileVersion: 10.0.14393.1532 (rs1_release_d.170711-1840)
6163718.38f8: FileDescription: ApiSet Schema DLL
6173718.38f8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
6183718.38f8: supR3HardenedWinFindAdversaries: 0x18003
6193718.38f8: \SystemRoot\System32\drivers\SysPlant.sys:
6203718.38f8: CreationTime: 2017-07-26T04:30:24.302216200Z
6213718.38f8: LastWriteTime: 2017-07-26T04:30:24.317842400Z
6223718.38f8: ChangeTime: 2017-07-26T04:30:24.317842400Z
6233718.38f8: FileAttributes: 0x20
6243718.38f8: Size: 0x2b9a8
6253718.38f8: NT Headers: 0x100
6263718.38f8: Timestamp: 0x576a282d
6273718.38f8: Machine: 0x8664 - amd64
6283718.38f8: Timestamp: 0x576a282d
6293718.38f8: Image Version: 5.0
6303718.38f8: SizeOfImage: 0x30000 (196608)
6313718.38f8: Resource Dir: 0x2e000 LB 0x498
6323718.38f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
6333718.38f8: [Raw version resource data: 0x2e0b8 LB 0x3e0, codepage 0x4e4 (reserved 0x0)]
6343718.38f8: ProductName: Symantec CMC Firewall
6353718.38f8: ProductVersion: 12.1.7004.6500
6363718.38f8: FileVersion: 12.1.7004.6500
6373718.38f8: FileDescription: Symantec CMC Firewall SysPlant
6383718.38f8: \SystemRoot\System32\sysfer.dll:
6393718.38f8: CreationTime: 2017-07-26T04:30:24.239715000Z
6403718.38f8: LastWriteTime: 2017-07-26T04:30:24.286591600Z
6413718.38f8: ChangeTime: 2017-07-26T04:30:24.286591600Z
6423718.38f8: FileAttributes: 0x20
6433718.38f8: Size: 0x73728
6443718.38f8: NT Headers: 0xf0
6453718.38f8: Timestamp: 0x576a2837
6463718.38f8: Machine: 0x8664 - amd64
6473718.38f8: Timestamp: 0x576a2837
6483718.38f8: Image Version: 0.0
6493718.38f8: SizeOfImage: 0x89000 (561152)
6503718.38f8: Resource Dir: 0x87000 LB 0x630
6513718.38f8: [Version info resource found at 0xc8! (ID/Name: 0x1; SubID/SubName: 0x409)]
6523718.38f8: [Raw version resource data: 0x87100 LB 0x3d4, codepage 0x4e4 (reserved 0x0)]
6533718.38f8: ProductName: Symantec CMC Firewall
6543718.38f8: ProductVersion: 12.1.7004.6500
6553718.38f8: FileVersion: 12.1.7004.6500
6563718.38f8: FileDescription: Symantec CMC Firewall sysfer
6573718.38f8: \SystemRoot\System32\drivers\symevent64x86.sys:
6583718.38f8: CreationTime: 2017-07-26T04:31:22.476758300Z
6593718.38f8: LastWriteTime: 2017-07-26T04:31:22.273624600Z
6603718.38f8: ChangeTime: 2017-07-26T04:31:22.273624600Z
6613718.38f8: FileAttributes: 0x20
6623718.38f8: Size: 0x2b8d8
6633718.38f8: NT Headers: 0xe8
6643718.38f8: Timestamp: 0x54b87d44
6653718.38f8: Machine: 0x8664 - amd64
6663718.38f8: Timestamp: 0x54b87d44
6673718.38f8: Image Version: 6.0
6683718.38f8: SizeOfImage: 0x38000 (229376)
6693718.38f8: Resource Dir: 0x36000 LB 0x3c8
6703718.38f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
6713718.38f8: [Raw version resource data: 0x360b8 LB 0x310, codepage 0x4e4 (reserved 0x0)]
6723718.38f8: ProductName: SYMEVENT
6733718.38f8: ProductVersion: 12.9.6.12
6743718.38f8: FileVersion: 12.9.6.12
6753718.38f8: FileDescription: Symantec Event Library
6763718.38f8: \SystemRoot\System32\drivers\cyprotectdrv64.sys:
6773718.38f8: CreationTime: 2017-10-24T15:31:18.834773900Z
6783718.38f8: LastWriteTime: 2017-11-09T07:36:41.344755100Z
6793718.38f8: ChangeTime: 2017-11-20T09:19:02.498899900Z
6803718.38f8: FileAttributes: 0x20
6813718.38f8: Size: 0x30be8
6823718.38f8: NT Headers: 0x100
6833718.38f8: Timestamp: 0x59f8fc8d
6843718.38f8: Machine: 0x8664 - amd64
6853718.38f8: Timestamp: 0x59f8fc8d
6863718.38f8: Image Version: 6.1
6873718.38f8: SizeOfImage: 0x131000 (1249280)
6883718.38f8: Resource Dir: 0x12f000 LB 0x2f0
6893718.38f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
6903718.38f8: [Raw version resource data: 0x12f060 LB 0x28c, codepage 0x0 (reserved 0x0)]
6913718.38f8: ProductName: CylancePROTECT
6923718.38f8: ProductVersion: 2.0.1460.27
6933718.38f8: FileVersion: 2.0.1460.27
6943718.38f8: FileDescription: Cylance Protect Driver
6953718.38f8: \SystemRoot\System32\drivers\privman.sys:
6963718.38f8: CreationTime: 2017-11-20T07:52:55.503152200Z
6973718.38f8: LastWriteTime: 2017-10-11T16:51:26.000000000Z
6983718.38f8: ChangeTime: 2017-11-20T09:31:19.898387200Z
6993718.38f8: FileAttributes: 0x20
7003718.38f8: Size: 0x10618
7013718.38f8: NT Headers: 0x100
7023718.38f8: Timestamp: 0x59deb541
7033718.38f8: Machine: 0x8664 - amd64
7043718.38f8: Timestamp: 0x59deb541
7053718.38f8: Image Version: 6.1
7063718.38f8: SizeOfImage: 0xf000 (61440)
7073718.38f8: Resource Dir: 0xb000 LB 0x2fa8
7083718.38f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x0)]
7093718.38f8: [Raw version resource data: 0xb0a0 LB 0x33c, codepage 0x0 (reserved 0x0)]
7103718.38f8: ProductName: PowerBroker for Windows
7113718.38f8: ProductVersion: 7.3.1.0
7123718.38f8: FileVersion: 7.3.1.0
7133718.38f8: FileDescription: PowerBroker for Windows
7143718.38f8: \SystemRoot\System32\privman64.dll:
7153718.38f8: CreationTime: 2017-10-11T20:32:50.000000000Z
7163718.38f8: LastWriteTime: 2017-10-11T20:32:50.000000000Z
7173718.38f8: ChangeTime: 2017-11-20T09:31:19.913099000Z
7183718.38f8: FileAttributes: 0x20
7193718.38f8: Size: 0x39340
7203718.38f8: NT Headers: 0xf8
7213718.38f8: Timestamp: 0x59deb4c7
7223718.38f8: Machine: 0x8664 - amd64
7233718.38f8: Timestamp: 0x59deb4c7
7243718.38f8: Image Version: 0.0
7253718.38f8: SizeOfImage: 0x3b000 (241664)
7263718.38f8: Resource Dir: 0x39000 LB 0x578
7273718.38f8: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x0)]
7283718.38f8: [Raw version resource data: 0x390a0 LB 0x37c, codepage 0x4e4 (reserved 0x0)]
7293718.38f8: ProductName: PowerBroker for Windows
7303718.38f8: ProductVersion: 7.3.1.0
7313718.38f8: FileVersion: 7.3.1.0
7323718.38f8: FileDescription: BeyondTrust PowerBroker for Windows DLL
7333718.38f8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
7343718.38f8: Calling main()
7353718.38f8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
7363718.38f8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox'
7373718.38f8: '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
7383718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.exe)
7393718.38f8: SUPR3HardenedMain: Respawn #2
7403718.38f8: Error (rc=-5640):
7413718.38f8: More than one thread in process
7423718.38f8: Error -5640 in supR3HardenedWinReSpawn! (enmWhat=1)
7433718.38f8: More than one thread in process
7443718.38f8: supR3HardNtEnableThreadCreation:
7453718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
7463718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
7473718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
7483718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
7493718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
7503718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
7513718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
7523718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
7533718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
7543718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
7553718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
7563718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
7573718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
7583718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
7593718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
7603718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll)
7613718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll
7623718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
7633718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
7643718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
7653718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
7663718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winmm.dll)
7673718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winmm.dll
7683718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
7693718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
7703718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
7713718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
7723718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
7733718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\oleaut32.dll)
7743718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\oleaut32.dll
7753718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
7763718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
7773718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
7783718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
7793718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
7803718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'combase.dll'.
7813718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ole32.dll)
7823718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ole32.dll
7833718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
7843718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
7853718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll [lacks WinVerifyTrust]
7863718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
7873718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
7883718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
7893718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
7903718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
7913718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
7923718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
7933718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
7943718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
7953718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
7963718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
7973718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
7983718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll)
7993718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
8003718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
8013718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
8023718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
8033718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
8043718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
8053718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
8063718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
8073718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
8083718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
8093718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
8103718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll)
8113718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
8123718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
8133718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
8143718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
8153718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
8163718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
8173718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
8183718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
8193718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
8203718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
8213718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
8223718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
8233718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
8243718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
8253718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
8263718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
8273718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
8283718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
8293718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
8303718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
8313718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
8323718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
8333718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
8343718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
8353718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
8363718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
8373718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
8383718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
8393718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
8403718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
8413718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
8423718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
8433718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
8443718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
8453718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
8463718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8473718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8483718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll)
8493718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll
8503718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
8513718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
8523718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8533718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll)
8543718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll
8553718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
8563718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
8573718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8583718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
8593718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
8603718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
8613718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll)
8623718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll
8633718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
8643718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
8653718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8663718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
8673718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
8683718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
8693718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
8703718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
8713718.38f8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\opengl32.dll)
8723718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\opengl32.dll
8733718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
8743718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
8753718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
8763718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
8773718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume1\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
8783718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8793718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'.
8803718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'gdi32.dll'.
8813718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'dciman32.dll'.
8823718.38f8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\ddraw.dll)
8833718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ddraw.dll
8843718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
8853718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume1\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
8863718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8873718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
8883718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
8893718.38f8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\glu32.dll)
8903718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\glu32.dll
8913718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
8923718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
8933718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
8943718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
8953718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
8963718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
8973718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8983718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8993718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9003718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9013718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9023718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
9033718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
9043718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
9053718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
9063718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\ws2_32.dll)
9073718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\ws2_32.dll
9083718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9093718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9103718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
9113718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9123718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9133718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9143718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9153718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9163718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9173718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9183718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9193718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9203718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9213718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9223718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
9233718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
9243718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume1\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
9253718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\mpr.dll)
9263718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\mpr.dll
9273718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
9283718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
9293718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
9303718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
9313718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
9323718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
9333718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
9343718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
9353718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll [lacks WinVerifyTrust]
9363718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
9373718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
9383718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll [lacks WinVerifyTrust]
9393718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9403718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9413718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9423718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9433718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9443718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9453718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9463718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9473718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
9483718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
9493718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
9503718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
9513718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9523718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9533718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9543718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9553718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9563718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9573718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
9583718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
9593718.38f8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
9603718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
9613718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
9623718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll [lacks WinVerifyTrust]
9633718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9643718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9653718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9663718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9673718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9683718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
9693718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
9703718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
9713718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll [lacks WinVerifyTrust]
9723718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
9733718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
9743718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
9753718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
9763718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
9773718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
9783718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
9793718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
9803718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
9813718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
9823718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
9833718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
9843718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9853718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9863718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
9873718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
9883718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
9893718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9903718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'user32.dll'.
9913718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'shlwapi.dll'.
9923718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'gdi32.dll'.
9933718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'comctl32.dll'.
9943718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'shell32.dll'.
9953718.38f8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\comdlg32.dll)
9963718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comdlg32.dll
9973718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
9983718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume1\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
9993718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10003718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'bcrypt.dll'.
10013718.38f8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\winspool.drv)
10023718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winspool.drv
10033718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
10043718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
10053718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
10063718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
10073718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
10083718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
10093718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
10103718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
10113718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
10123718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10133718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10143718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
10153718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10163718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10173718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10183718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10193718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10203718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
10213718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
10223718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
10233718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
10243718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
10253718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
10263718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
10273718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
10283718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
10293718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
10303718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
10313718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume1\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
10323718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\combase.dll [lacks WinVerifyTrust]
10333718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10343718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10353718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
10363718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10373718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10383718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10393718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10403718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10413718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10423718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10433718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10443718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10453718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
10463718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume1\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
10473718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\combase.dll [lacks WinVerifyTrust]
10483718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
10493718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
10503718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msvcp_win.dll)
10513718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msvcp_win.dll
10523718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10533718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10543718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10553718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
10563718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
10573718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10583718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\winmmbase.dll)
10593718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\winmmbase.dll
10603718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10613718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10623718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10633718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
10643718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
10653718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\bcrypt.dll)
10663718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\bcrypt.dll
10673718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10683718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10693718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10703718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
10713718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
10723718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll [lacks WinVerifyTrust]
10733718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
10743718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
10753718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
10763718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
10773718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
10783718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\comctl32.dll)
10793718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\comctl32.dll
10803718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10813718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10823718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10833718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
10843718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume1\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
10853718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
10863718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10873718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10883718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
10893718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10903718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10913718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10923718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10933718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10943718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10953718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10963718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10973718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
10983718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
10993718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume1\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
11003718.38f8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
11013718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11023718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11033718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11043718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
11053718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume1\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
11063718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11073718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
11083718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
11093718.38f8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\dciman32.dll)
11103718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dciman32.dll
11113718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11123718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11133718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11143718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11153718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11163718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
11173718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11183718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11193718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11203718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11213718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11223718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
11233718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11243718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11253718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11263718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11273718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11283718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11293718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11303718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11313718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
11323718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11333718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11343718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11353718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
11363718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
11373718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
11383718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
11393718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
11403718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
11413718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
11423718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
11433718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11443718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
11453718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
11463718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
11473718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust]
11483718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust]
11493718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll [lacks WinVerifyTrust]
11503718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\glu32.dll [lacks WinVerifyTrust]
11513718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll [lacks WinVerifyTrust]
11523718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll [lacks WinVerifyTrust]
11533718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\winspool.drv [lacks WinVerifyTrust]
11543718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
11553718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
11563718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
11573718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_0d5aa7fbb6d35646\comctl32.dll)
11583718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_0d5aa7fbb6d35646\comctl32.dll
11593718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
11603718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll [lacks WinVerifyTrust]
11613718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
11623718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb8b120000 LB 0x00008000 C:\WINDOWS\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
11633718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\dciman32.dll [lacks WinVerifyTrust]
11643718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb87960000 LB 0x000f7000 C:\WINDOWS\SYSTEM32\DDRAW.dll [fFlags=0x0]
11653718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\ddraw.dll [lacks WinVerifyTrust]
11663718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb8ad10000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
11673718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\glu32.dll [lacks WinVerifyTrust]
11683718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb88000000 LB 0x00123000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
11693718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
11703718.38f8: supR3HardenedDllNotificationCallback: load 000000005f560000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
11713718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11723718.38f8: supR3HardenedDllNotificationCallback: load 000000005f4c0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
11733718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
11743718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb5960000 LB 0x0006a000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
11753718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
11763718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb7e620000 LB 0x00595000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
11773718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
11783718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb7ac0000 LB 0x00138000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
11793718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll [lacks WinVerifyTrust]
11803718.38f8: supR3HardenedDllNotificationCallback: load 00007ffba9870000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
11813718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\mpr.dll [lacks WinVerifyTrust]
11823718.38f8: supR3HardenedDllNotificationCallback: load 000000005ef50000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
11833718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
11843718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb7e020000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
11853718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
11863718.38f8: supR3HardenedDllNotificationCallback: load 000000005d950000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
11873718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
11883718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb3c00000 LB 0x0002b000 C:\WINDOWS\SYSTEM32\bcrypt.dll [fFlags=0x0]
11893718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
11903718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbab660000 LB 0x00086000 C:\WINDOWS\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
11913718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\winspool.drv [lacks WinVerifyTrust]
11923718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb8fa60000 LB 0x000ac000 C:\WINDOWS\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_0d5aa7fbb6d35646\COMCTL32.dll [fFlags=0x0]
11933718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.14393.447_none_0d5aa7fbb6d35646\comctl32.dll [lacks WinVerifyTrust]
11943718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb5860000 LB 0x000fa000 C:\WINDOWS\System32\COMDLG32.dll [fFlags=0x0]
11953718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\comdlg32.dll [lacks WinVerifyTrust]
11963718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb98150000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
11973718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [lacks WinVerifyTrust]
11983718.38f8: supR3HardenedDllNotificationCallback: load 000000005eef0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
11993718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust]
12003718.38f8: supR3HardenedDllNotificationCallback: load 00000000031f0000 LB 0x0009c000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
12013718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
12023718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb7950000 LB 0x000bf000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
12033718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
12043718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb2620000 LB 0x0002b000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
12053718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
12063718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb2650000 LB 0x00023000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
12073718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll [lacks WinVerifyTrust]
12083718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb740b0000 LB 0x009cf000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
12093718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VirtualBox.dll [lacks WinVerifyTrust]
12103718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12113718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12123718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12133718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
12143718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12153718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12163718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12173718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12183718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12193718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
12203718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12213718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12223718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12233718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12243718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12253718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12263718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12273718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12283718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12293718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12303718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12313718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12323718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12333718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12343718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12353718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12363718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12373718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12383718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12393718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12403718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12413718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12423718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12433718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12443718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12453718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12463718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12473718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12483718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12493718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12503718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12513718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12523718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12533718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12543718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12553718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12563718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12573718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12583718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12593718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12603718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12613718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12623718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12633718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12643718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12653718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12663718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12673718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12683718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12693718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12703718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12713718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12723718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12733718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12743718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12753718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12763718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12773718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12783718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12793718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12803718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12813718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12823718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12833718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12843718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12853718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12863718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12873718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12883718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12893718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12903718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e620000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12913718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
12923718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12933718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb5a80000 'C:\WINDOWS\System32\imm32.dll'
12943718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
12953718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
12963718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb59d0000 'C:\WINDOWS\System32\kernel32.dll'
12973718.38f8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
12983718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
12993718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4a90000 'api-ms-win-core-string-l1-1-0'
13003718.38f8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
13013718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
13023718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4a90000 'api-ms-win-core-datetime-l1-1-1'
13033718.38f8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
13043718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
13053718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4a90000 'api-ms-win-core-localization-obsolete-l1-2-0'
13063718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
13073718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13083718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb7840000 'C:\WINDOWS\System32\ADVAPI32.DLL'
13093718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
13103718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\cryptbase.dll)
13113718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\cryptbase.dll
13123718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb3b10000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0]
13133718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
13143718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb740b0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
13153718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
13163718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
13173718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
13183718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
13193718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
13203718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
13213718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
13223718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
13233718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
13243718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
13253718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
13263718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll)
13273718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
13283718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13293718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13303718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13313718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13323718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13333718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13343718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13353718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13363718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
13373718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13383718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13393718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
13403718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
13413718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume1\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
13423718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll [lacks WinVerifyTrust]
13433718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
13443718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
13453718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
13463718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
13473718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume1\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
13483718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll [lacks WinVerifyTrust]
13493718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
13503718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
13513718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
13523718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13533718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13543718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
13553718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13563718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume1\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13573718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\ole32.dll [lacks WinVerifyTrust]
13583718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13593718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13603718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13613718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
13623718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
13633718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
13643718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13653718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust]
13663718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb827e0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
13673718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust]
13683718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb827e0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
13693718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13703718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
13713718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
13723718.38f8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\uxtheme.dll)
13733718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\uxtheme.dll
13743718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13753718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13763718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
13773718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13783718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13793718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13803718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13813718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13823718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
13833718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
13843718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
13853718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb2860000 LB 0x00095000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
13863718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
13873718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb2860000 'C:\WINDOWS\system32\uxtheme.dll'
13883718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
13893718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb5640000 'C:\WINDOWS\system32\user32.dll'
13903718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll [lacks WinVerifyTrust]
13913718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13923718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb60c0000 'C:\WINDOWS\system32\shell32.dll'
13933718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
13943718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13953718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb4db0000 'C:\WINDOWS\system32\SHCore.dll'
13963718.38f8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
13973718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
13983718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13993718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'win32u.dll'.
14003718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'user32.dll'.
14013718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'gdi32.dll'.
14023718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dwmapi.dll)
14033718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dwmapi.dll
14043718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb2030000 LB 0x00026000 C:\WINDOWS\system32\dwmapi.dll [fFlags=0x0]
14053718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dwmapi.dll [lacks WinVerifyTrust]
14063718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll [lacks WinVerifyTrust]
14073718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14083718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14093718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14103718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14113718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14123718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
14133718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
14143718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume1\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
14153718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\win32u.dll [lacks WinVerifyTrust]
14163718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14173718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14183718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14193718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14203718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb2650000 'C:\WINDOWS\system32\winmm.dll'
14213718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\winmm.dll [lacks WinVerifyTrust]
14223718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14233718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb2650000 'C:\WINDOWS\system32\winmm.dll'
14243718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\shell32.dll [lacks WinVerifyTrust]
14253718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14263718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb60c0000 'C:\WINDOWS\system32\shell32.dll'
14273718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
14283718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14293718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb2860000 'C:\WINDOWS\system32\uxtheme.dll'
14303718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14313718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb7800000 'C:\WINDOWS\system32\gdi32.dll'
14323718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb75d0000 LB 0x0015a000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
14333718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14343718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'oleaut32.dll'.
14353718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'user32.dll'.
14363718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
14373718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'imm32.dll'.
14383718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\msctf.dll)
14393718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\msctf.dll
14403718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
14413718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
14423718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume1\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
14433718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\imm32.dll [lacks WinVerifyTrust]
14443718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14453718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume1\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14463718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14473718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14483718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume1\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14493718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\user32.dll [lacks WinVerifyTrust]
14503718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
14513718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume1\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
14523718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
14533718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14543718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14553718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14563718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb5ab0000 'C:\WINDOWS\System32\rpcrt4.dll'
14573718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb7a10000 LB 0x0009f000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
14583718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14593718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
14603718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\clbcatq.dll)
14613718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\clbcatq.dll
14623718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14633718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
14643718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'combase.dll'.
14653718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'd3d11.dll'.
14663718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dcomp.dll'.
14673718.38f8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume1\Windows\System32\DataExchange.dll)
14683718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\DataExchange.dll
14693718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
14703718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume1\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
14713718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
14723718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
14733718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dcomp.dll)
14743718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dcomp.dll
14753718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
14763718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume1\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
14773718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14783718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dxgi.dll'.
14793718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'win32u.dll'.
14803718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\d3d11.dll)
14813718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\d3d11.dll
14823718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
14833718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume1\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
14843718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\combase.dll [lacks WinVerifyTrust]
14853718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
14863718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume1\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
14873718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
14883718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14893718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14903718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14913718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14923718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14933718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
14943718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14953718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14963718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14973718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
14983718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume1\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
14993718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\win32u.dll [lacks WinVerifyTrust]
15003718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
15013718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume1\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
15023718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15033718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
15043718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\dxgi.dll)
15053718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\dxgi.dll
15063718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15073718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15083718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
15093718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15103718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15113718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
15123718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15133718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume1\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15143718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\win32u.dll [lacks WinVerifyTrust]
15153718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15163718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume1\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15173718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\win32u.dll [lacks WinVerifyTrust]
15183718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15193718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15203718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
15213718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
15223718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\DataExchange.dll [lacks WinVerifyTrust]
15233718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
15243718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dcomp.dll [lacks WinVerifyTrust]
15253718.38f8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
15263718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb30e0000 LB 0x0009f000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
15273718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
15283718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbaf230000 LB 0x002b6000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
15293718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
15303718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb1e30000 LB 0x00151000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
15313718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\dcomp.dll [lacks WinVerifyTrust]
15323718.38f8: supR3HardenedDllNotificationCallback: load 00007ffb88130000 LB 0x00049000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
15333718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume1\Windows\System32\DataExchange.dll [lacks WinVerifyTrust]
15343718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb88130000 'C:\WINDOWS\system32\dataexchange.dll'
15353718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15363718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
15373718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'bcrypt.dll'.
15383718.38f8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'.
15393718.38f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume1\Windows\System32\twinapi.appcore.dll)
15403718.38f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume1\Windows\System32\twinapi.appcore.dll
15413718.38f8: supR3HardenedDllNotificationCallback: load 00007ffbb2b40000 LB 0x0011c000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
15423718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust]
15433718.38f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msctf.dll [lacks WinVerifyTrust]
15443718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
15453718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume1\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
15463718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\combase.dll [lacks WinVerifyTrust]
15473718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
15483718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume1\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
15493718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
15503718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15513718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume1\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15523718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
15533718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15543718.38f8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume1\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15553718.38f8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume1\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
15563718.38f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
15573718.38f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbb75d0000 'C:\WINDOWS\System32\MSCTF.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy