VirtualBox

Ticket #17433: VM7-2018-01-08-13-48-19.log

File VM7-2018-01-08-13-48-19.log, 230.4 KB (added by Patrick_BNC, 7 years ago)

VBoxHardening.log

Line 
119d4.15e4: Log file opened: 5.2.4r119785 g_hStartupLog=0000000000000068 g_uNtVerCombined=0xa03fab00
219d4.15e4: \SystemRoot\System32\ntdll.dll:
319d4.15e4: CreationTime: 2018-01-08T15:33:57.509458600Z
419d4.15e4: LastWriteTime: 2017-10-25T04:37:21.227931100Z
519d4.15e4: ChangeTime: 2018-01-08T16:44:23.982254300Z
619d4.15e4: FileAttributes: 0x20
719d4.15e4: Size: 0x1dd100
819d4.15e4: NT Headers: 0xe0
919d4.15e4: Timestamp: 0x493793ea
1019d4.15e4: Machine: 0x8664 - amd64
1119d4.15e4: Timestamp: 0x493793ea
1219d4.15e4: Image Version: 10.0
1319d4.15e4: SizeOfImage: 0x1e0000 (1966080)
1419d4.15e4: Resource Dir: 0x174000 LB 0x6a1d8
1519d4.15e4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1619d4.15e4: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1719d4.15e4: ProductName: Microsoft® Windows® Operating System
1819d4.15e4: ProductVersion: 10.0.16299.64
1919d4.15e4: FileVersion: 10.0.16299.64 (WinBuild.160101.0800)
2019d4.15e4: FileDescription: NT Layer DLL
2119d4.15e4: \SystemRoot\System32\kernel32.dll:
2219d4.15e4: CreationTime: 2017-09-29T13:42:04.954227600Z
2319d4.15e4: LastWriteTime: 2017-09-29T13:42:04.954227600Z
2419d4.15e4: ChangeTime: 2018-01-08T17:16:24.348031400Z
2519d4.15e4: FileAttributes: 0x20
2619d4.15e4: Size: 0xab868
2719d4.15e4: NT Headers: 0xe8
2819d4.15e4: Timestamp: 0xc2cf900
2919d4.15e4: Machine: 0x8664 - amd64
3019d4.15e4: Timestamp: 0xc2cf900
3119d4.15e4: Image Version: 10.0
3219d4.15e4: SizeOfImage: 0xae000 (712704)
3319d4.15e4: Resource Dir: 0xac000 LB 0x520
3419d4.15e4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3519d4.15e4: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3619d4.15e4: ProductName: Microsoft® Windows® Operating System
3719d4.15e4: ProductVersion: 10.0.16299.15
3819d4.15e4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
3919d4.15e4: FileDescription: Windows NT BASE API Client DLL
4019d4.15e4: \SystemRoot\System32\KernelBase.dll:
4119d4.15e4: CreationTime: 2017-09-29T13:41:43.124345500Z
4219d4.15e4: LastWriteTime: 2017-09-29T13:41:43.124345500Z
4319d4.15e4: ChangeTime: 2018-01-08T17:16:25.115106900Z
4419d4.15e4: FileAttributes: 0x20
4519d4.15e4: Size: 0x266000
4619d4.15e4: NT Headers: 0xf0
4719d4.15e4: Timestamp: 0x4736733c
4819d4.15e4: Machine: 0x8664 - amd64
4919d4.15e4: Timestamp: 0x4736733c
5019d4.15e4: Image Version: 10.0
5119d4.15e4: SizeOfImage: 0x266000 (2514944)
5219d4.15e4: Resource Dir: 0x245000 LB 0x548
5319d4.15e4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5419d4.15e4: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5519d4.15e4: ProductName: Microsoft® Windows® Operating System
5619d4.15e4: ProductVersion: 10.0.16299.15
5719d4.15e4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
5819d4.15e4: FileDescription: Windows NT BASE API Client DLL
5919d4.15e4: \SystemRoot\System32\apisetschema.dll:
6019d4.15e4: CreationTime: 2017-09-29T13:42:07.095026600Z
6119d4.15e4: LastWriteTime: 2017-09-29T13:42:07.095026600Z
6219d4.15e4: ChangeTime: 2018-01-08T15:37:21.786133000Z
6319d4.15e4: FileAttributes: 0x20
6419d4.15e4: Size: 0x1b398
6519d4.15e4: NT Headers: 0xc8
6619d4.15e4: Timestamp: 0xf30abf31
6719d4.15e4: Machine: 0x8664 - amd64
6819d4.15e4: Timestamp: 0xf30abf31
6919d4.15e4: Image Version: 10.0
7019d4.15e4: SizeOfImage: 0x1c000 (114688)
7119d4.15e4: Resource Dir: 0x1b000 LB 0x408
7219d4.15e4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7319d4.15e4: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
7419d4.15e4: ProductName: Microsoft® Windows® Operating System
7519d4.15e4: ProductVersion: 10.0.16299.15
7619d4.15e4: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
7719d4.15e4: FileDescription: ApiSet Schema DLL
7819d4.15e4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7919d4.15e4: supR3HardenedWinFindAdversaries: 0x0
8019d4.15e4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
8119d4.15e4: Calling main()
8219d4.15e4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
8319d4.15e4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
8419d4.15e4: SUPR3HardenedMain: Respawn #1
8519d4.15e4: System32: \Device\HarddiskVolume4\Windows\System32
8619d4.15e4: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
8719d4.15e4: KnownDllPath: C:\Windows\System32
8819d4.15e4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
8919d4.15e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
9019d4.15e4: supR3HardNtEnableThreadCreation:
9119d4.15e4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa58ed91b0 pvNtTerminateThread=00007ffa58f00890
9219d4.15e4: supR3HardenedWinDoReSpawn(1): New child 18a4.1b64 [kernel32].
9319d4.15e4: supR3HardNtChildGatherData: PebBaseAddress=0000000000582000 cbPeb=0x388
9419d4.15e4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffa58e60000 uNtDllChildAddr=00007ffa58e60000
9519d4.15e4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffa58ed91b0
9619d4.15e4: supR3HardenedWinSetupChildInit: Start child.
9719d4.15e4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
9819d4.15e4: supR3HardNtChildPurify: Startup delay kludge #1/0: 264 ms, 16 sleeps
9919d4.15e4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
10019d4.15e4: *0000000000000000-000000000033ffff 0x0001/0x0000 0x0000000
10119d4.15e4: *0000000000340000-000000000035ffff 0x0004/0x0004 0x0020000
10219d4.15e4: *0000000000360000-0000000000378fff 0x0002/0x0002 0x0040000
10319d4.15e4: 0000000000379000-000000000037ffff 0x0001/0x0000 0x0000000
10419d4.15e4: *0000000000380000-0000000000383fff 0x0002/0x0002 0x0040000
10519d4.15e4: 0000000000384000-000000000038ffff 0x0001/0x0000 0x0000000
10619d4.15e4: *0000000000390000-0000000000390fff 0x0004/0x0004 0x0020000
10719d4.15e4: 0000000000391000-00000000003fffff 0x0001/0x0000 0x0000000
10819d4.15e4: *0000000000400000-0000000000581fff 0x0000/0x0004 0x0020000
10919d4.15e4: 0000000000582000-0000000000584fff 0x0004/0x0004 0x0020000
11019d4.15e4: 0000000000585000-00000000005fffff 0x0000/0x0004 0x0020000
11119d4.15e4: *0000000000600000-00000000006fafff 0x0000/0x0004 0x0020000
11219d4.15e4: 00000000006fb000-00000000006fdfff 0x0104/0x0004 0x0020000
11319d4.15e4: 00000000006fe000-00000000006fffff 0x0004/0x0004 0x0020000
11419d4.15e4: 0000000000700000-000000007ffdffff 0x0001/0x0000 0x0000000
11519d4.15e4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
11619d4.15e4: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
11719d4.15e4: 000000007fff0000-00007ff63881ffff 0x0001/0x0000 0x0000000
11819d4.15e4: *00007ff638820000-00007ff638842fff 0x0002/0x0002 0x0040000
11919d4.15e4: 00007ff638843000-00007ff63924ffff 0x0001/0x0000 0x0000000
12019d4.15e4: *00007ff639250000-00007ff639250fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12119d4.15e4: 00007ff639251000-00007ff6392c1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12219d4.15e4: 00007ff6392c2000-00007ff6392c2fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12319d4.15e4: 00007ff6392c3000-00007ff639308fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12419d4.15e4: 00007ff639309000-00007ff639309fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12519d4.15e4: 00007ff63930a000-00007ff63930afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12619d4.15e4: 00007ff63930b000-00007ff63930ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12719d4.15e4: 00007ff639310000-00007ff639310fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12819d4.15e4: 00007ff639311000-00007ff639311fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
12919d4.15e4: 00007ff639312000-00007ff639315fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13019d4.15e4: 00007ff639316000-00007ff63935dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
13119d4.15e4: 00007ff63935e000-00007ffa58e5ffff 0x0001/0x0000 0x0000000
13219d4.15e4: *00007ffa58e60000-00007ffa58e60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
13319d4.15e4: 00007ffa58e61000-00007ffa58f72fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
13419d4.15e4: 00007ffa58f73000-00007ffa58fb8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
13519d4.15e4: 00007ffa58fb9000-00007ffa58fc0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
13619d4.15e4: 00007ffa58fc1000-00007ffa58fcefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
13719d4.15e4: 00007ffa58fcf000-00007ffa58fcffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
13819d4.15e4: 00007ffa58fd0000-00007ffa58fd2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
13919d4.15e4: 00007ffa58fd3000-00007ffa5903ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
14019d4.15e4: 00007ffa59040000-00007ffffffdffff 0x0001/0x0000 0x0000000
14119d4.15e4: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
14219d4.15e4: VirtualBox.exe: timestamp 0x5a37e337 (rc=VINF_SUCCESS)
14319d4.15e4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
14419d4.15e4: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
14519d4.15e4: supR3HardNtChildPurify: Done after 322 ms and 0 fixes (loop #0).
14618a4.1b64: Log file opened: 5.2.4r119785 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03fab00
14718a4.1b64: supR3HardenedVmProcessInit: uNtDllAddr=00007ffa58e60000 g_uNtVerCombined=0xa03fab00
14819d4.15e4: supR3HardNtEnableThreadCreation:
14918a4.1b64: ntdll.dll: timestamp 0x493793ea (rc=VINF_SUCCESS)
15018a4.1b64: New simple heap: #1 0000000000800000 LB 0x400000 (for 1966080 allocation)
15118a4.1b64: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
15218a4.1b64: System32: \Device\HarddiskVolume4\Windows\System32
15318a4.1b64: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
15418a4.1b64: KnownDllPath: C:\Windows\System32
15518a4.1b64: supR3HardenedVmProcessInit: Opening vboxdrv stub...
15618a4.1b64: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
15718a4.1b64: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
15818a4.1b64: Registered Dll notification callback with NTDLL.
15918a4.1b64: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
16018a4.1b64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
16118a4.1b64: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
16218a4.1b64: supR3HardenedDllNotificationCallback: load 00007ffa55480000 LB 0x00266000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
16318a4.1b64: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
16418a4.1b64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
16518a4.1b64: supR3HardenedDllNotificationCallback: load 00007ffa584f0000 LB 0x000ae000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
16618a4.1b64: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
16718a4.1b64: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa584f0000 'C:\Windows\System32\KERNEL32.DLL'
16818a4.1b64: supR3HardenedDllNotificationCallback: load 00007ff639250000 LB 0x0010e000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
16918a4.1b64: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
17018a4.1b64: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
17118a4.1b64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
17218a4.1b64: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa58ed91b0 pvNtTerminateThread=00007ffa58f00890
17319d4.15e4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 150 ms.
17418a4.1b64: \SystemRoot\System32\ntdll.dll:
17518a4.1b64: CreationTime: 2018-01-08T15:33:57.509458600Z
17618a4.1b64: LastWriteTime: 2017-10-25T04:37:21.227931100Z
17718a4.1b64: ChangeTime: 2018-01-08T16:44:23.982254300Z
17818a4.1b64: FileAttributes: 0x20
17918a4.1b64: Size: 0x1dd100
18018a4.1b64: NT Headers: 0xe0
18118a4.1b64: Timestamp: 0x493793ea
18218a4.1b64: Machine: 0x8664 - amd64
18318a4.1b64: Timestamp: 0x493793ea
18418a4.1b64: Image Version: 10.0
18518a4.1b64: SizeOfImage: 0x1e0000 (1966080)
18618a4.1b64: Resource Dir: 0x174000 LB 0x6a1d8
18718a4.1b64: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
18818a4.1b64: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
18918a4.1b64: ProductName: Microsoft® Windows® Operating System
19018a4.1b64: ProductVersion: 10.0.16299.64
19118a4.1b64: FileVersion: 10.0.16299.64 (WinBuild.160101.0800)
19218a4.1b64: FileDescription: NT Layer DLL
19318a4.1b64: \SystemRoot\System32\kernel32.dll:
19418a4.1b64: CreationTime: 2017-09-29T13:42:04.954227600Z
19518a4.1b64: LastWriteTime: 2017-09-29T13:42:04.954227600Z
19618a4.1b64: ChangeTime: 2018-01-08T17:16:24.348031400Z
19718a4.1b64: FileAttributes: 0x20
19818a4.1b64: Size: 0xab868
19918a4.1b64: NT Headers: 0xe8
20018a4.1b64: Timestamp: 0xc2cf900
20118a4.1b64: Machine: 0x8664 - amd64
20218a4.1b64: Timestamp: 0xc2cf900
20318a4.1b64: Image Version: 10.0
20418a4.1b64: SizeOfImage: 0xae000 (712704)
20518a4.1b64: Resource Dir: 0xac000 LB 0x520
20618a4.1b64: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
20718a4.1b64: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
20818a4.1b64: ProductName: Microsoft® Windows® Operating System
20918a4.1b64: ProductVersion: 10.0.16299.15
21018a4.1b64: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
21118a4.1b64: FileDescription: Windows NT BASE API Client DLL
21218a4.1b64: \SystemRoot\System32\KernelBase.dll:
21318a4.1b64: CreationTime: 2017-09-29T13:41:43.124345500Z
21418a4.1b64: LastWriteTime: 2017-09-29T13:41:43.124345500Z
21518a4.1b64: ChangeTime: 2018-01-08T17:16:25.115106900Z
21618a4.1b64: FileAttributes: 0x20
21718a4.1b64: Size: 0x266000
21818a4.1b64: NT Headers: 0xf0
21918a4.1b64: Timestamp: 0x4736733c
22018a4.1b64: Machine: 0x8664 - amd64
22118a4.1b64: Timestamp: 0x4736733c
22218a4.1b64: Image Version: 10.0
22318a4.1b64: SizeOfImage: 0x266000 (2514944)
22418a4.1b64: Resource Dir: 0x245000 LB 0x548
22518a4.1b64: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
22618a4.1b64: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
22718a4.1b64: ProductName: Microsoft® Windows® Operating System
22818a4.1b64: ProductVersion: 10.0.16299.15
22918a4.1b64: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
23018a4.1b64: FileDescription: Windows NT BASE API Client DLL
23118a4.1b64: \SystemRoot\System32\apisetschema.dll:
23218a4.1b64: CreationTime: 2017-09-29T13:42:07.095026600Z
23318a4.1b64: LastWriteTime: 2017-09-29T13:42:07.095026600Z
23418a4.1b64: ChangeTime: 2018-01-08T15:37:21.786133000Z
23518a4.1b64: FileAttributes: 0x20
23618a4.1b64: Size: 0x1b398
23718a4.1b64: NT Headers: 0xc8
23818a4.1b64: Timestamp: 0xf30abf31
23918a4.1b64: Machine: 0x8664 - amd64
24018a4.1b64: Timestamp: 0xf30abf31
24118a4.1b64: Image Version: 10.0
24218a4.1b64: SizeOfImage: 0x1c000 (114688)
24318a4.1b64: Resource Dir: 0x1b000 LB 0x408
24418a4.1b64: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
24518a4.1b64: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
24618a4.1b64: ProductName: Microsoft® Windows® Operating System
24718a4.1b64: ProductVersion: 10.0.16299.15
24818a4.1b64: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
24918a4.1b64: FileDescription: ApiSet Schema DLL
25018a4.1b64: NtOpenDirectoryObject failed on \Driver: 0xc0000022
25118a4.1b64: supR3HardenedWinFindAdversaries: 0x0
25218a4.1b64: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
25318a4.1b64: Calling main()
25418a4.1b64: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
25518a4.1b64: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
25618a4.1b64: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
25718a4.1b64: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
25818a4.1b64: SUPR3HardenedMain: Respawn #2
25918a4.1b64: supR3HardNtEnableThreadCreation:
26018a4.1b64: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
26118a4.1b64: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll)
26218a4.1b64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll
26318a4.1b64: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26418a4.1b64: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa58e60000 'C:\Windows\System32\ntdll.dll'
26518a4.1b64: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa58ed91b0 pvNtTerminateThread=00007ffa58f00890
26618a4.1b64: supR3HardenedWinDoReSpawn(2): New child 1bd4.1bd0 [kernel32].
26718a4.1b64: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
26818a4.1b64: supR3HardNtChildGatherData: PebBaseAddress=00000000008d7000 cbPeb=0x388
26918a4.1b64: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffa58e60000 uNtDllChildAddr=00007ffa58e60000
27018a4.1b64: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffa58ed91b0
27118a4.1b64: supR3HardenedWinSetupChildInit: Start child.
27218a4.1b64: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
27318a4.1b64: supR3HardNtChildPurify: Startup delay kludge #1/0: 271 ms, 29 sleeps
27418a4.1b64: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
27518a4.1b64: *0000000000000000-00000000006bffff 0x0001/0x0000 0x0000000
27618a4.1b64: *00000000006c0000-00000000006dffff 0x0004/0x0004 0x0020000
27718a4.1b64: *00000000006e0000-00000000006f8fff 0x0002/0x0002 0x0040000
27818a4.1b64: 00000000006f9000-00000000006fffff 0x0001/0x0000 0x0000000
27918a4.1b64: *0000000000700000-00000000007fafff 0x0000/0x0004 0x0020000
28018a4.1b64: 00000000007fb000-00000000007fdfff 0x0104/0x0004 0x0020000
28118a4.1b64: 00000000007fe000-00000000007fffff 0x0004/0x0004 0x0020000
28218a4.1b64: *0000000000800000-00000000008d6fff 0x0000/0x0004 0x0020000
28318a4.1b64: 00000000008d7000-00000000008d9fff 0x0004/0x0004 0x0020000
28418a4.1b64: 00000000008da000-00000000009fffff 0x0000/0x0004 0x0020000
28518a4.1b64: *0000000000a00000-0000000000a03fff 0x0002/0x0002 0x0040000
28618a4.1b64: 0000000000a04000-0000000000a0ffff 0x0001/0x0000 0x0000000
28718a4.1b64: *0000000000a10000-0000000000a10fff 0x0004/0x0004 0x0020000
28818a4.1b64: 0000000000a11000-000000007ffdffff 0x0001/0x0000 0x0000000
28918a4.1b64: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
29018a4.1b64: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
29118a4.1b64: 000000007fff0000-00007ff63833ffff 0x0001/0x0000 0x0000000
29218a4.1b64: *00007ff638340000-00007ff638362fff 0x0002/0x0002 0x0040000
29318a4.1b64: 00007ff638363000-00007ff63924ffff 0x0001/0x0000 0x0000000
29418a4.1b64: *00007ff639250000-00007ff639250fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
29518a4.1b64: 00007ff639251000-00007ff6392c1fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
29618a4.1b64: 00007ff6392c2000-00007ff6392c2fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
29718a4.1b64: 00007ff6392c3000-00007ff639308fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
29818a4.1b64: 00007ff639309000-00007ff639309fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
29918a4.1b64: 00007ff63930a000-00007ff63930afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
30018a4.1b64: 00007ff63930b000-00007ff63930ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
30118a4.1b64: 00007ff639310000-00007ff639310fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
30218a4.1b64: 00007ff639311000-00007ff639311fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
30318a4.1b64: 00007ff639312000-00007ff639315fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
30418a4.1b64: 00007ff639316000-00007ff63935dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
30518a4.1b64: 00007ff63935e000-00007ffa58e5ffff 0x0001/0x0000 0x0000000
30618a4.1b64: *00007ffa58e60000-00007ffa58e60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
30718a4.1b64: 00007ffa58e61000-00007ffa58f72fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
30818a4.1b64: 00007ffa58f73000-00007ffa58fb8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
30918a4.1b64: 00007ffa58fb9000-00007ffa58fc0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
31018a4.1b64: 00007ffa58fc1000-00007ffa58fcefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
31118a4.1b64: 00007ffa58fcf000-00007ffa58fcffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
31218a4.1b64: 00007ffa58fd0000-00007ffa58fd2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
31318a4.1b64: 00007ffa58fd3000-00007ffa5903ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
31418a4.1b64: 00007ffa59040000-00007ffffffdffff 0x0001/0x0000 0x0000000
31518a4.1b64: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
31618a4.1b64: VirtualBox.exe: timestamp 0x5a37e337 (rc=VINF_SUCCESS)
31718a4.1b64: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
31818a4.1b64: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
31918a4.1b64: supR3HardNtChildPurify: Done after 317 ms and 0 fixes (loop #0).
32018a4.1b64: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000800000 LB 0x400000)
3211bd4.1bd0: Log file opened: 5.2.4r119785 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03fab00
3221bd4.1bd0: supR3HardenedVmProcessInit: uNtDllAddr=00007ffa58e60000 g_uNtVerCombined=0xa03fab00
32318a4.1b64: supR3HardNtEnableThreadCreation:
3241bd4.1bd0: ntdll.dll: timestamp 0x493793ea (rc=VINF_SUCCESS)
3251bd4.1bd0: New simple heap: #1 0000000000b20000 LB 0x400000 (for 1966080 allocation)
3261bd4.1bd0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
3271bd4.1bd0: System32: \Device\HarddiskVolume4\Windows\System32
3281bd4.1bd0: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
3291bd4.1bd0: KnownDllPath: C:\Windows\System32
3301bd4.1bd0: supR3HardenedVmProcessInit: Opening vboxdrv...
3311bd4.1bd0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3321bd4.1bd0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3331bd4.1bd0: Registered Dll notification callback with NTDLL.
3341bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
3351bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
3361bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
3371bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa55480000 LB 0x00266000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
3381bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
3391bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
3401bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa584f0000 LB 0x000ae000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
3411bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3421bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa584f0000 'C:\Windows\System32\KERNEL32.DLL'
3431bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ff639250000 LB 0x0010e000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
3441bd4.1bd0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
3451bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
3461bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
3471bd4.1bd0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa58ed91b0 pvNtTerminateThread=00007ffa58f00890
34818a4.1b64: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 98 ms.
3491bd4.1bd0: \SystemRoot\System32\ntdll.dll:
3501bd4.1bd0: CreationTime: 2018-01-08T15:33:57.509458600Z
3511bd4.1bd0: LastWriteTime: 2017-10-25T04:37:21.227931100Z
3521bd4.1bd0: ChangeTime: 2018-01-08T16:44:23.982254300Z
3531bd4.1bd0: FileAttributes: 0x20
3541bd4.1bd0: Size: 0x1dd100
3551bd4.1bd0: NT Headers: 0xe0
3561bd4.1bd0: Timestamp: 0x493793ea
3571bd4.1bd0: Machine: 0x8664 - amd64
3581bd4.1bd0: Timestamp: 0x493793ea
3591bd4.1bd0: Image Version: 10.0
3601bd4.1bd0: SizeOfImage: 0x1e0000 (1966080)
3611bd4.1bd0: Resource Dir: 0x174000 LB 0x6a1d8
3621bd4.1bd0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
3631bd4.1bd0: [Raw version resource data: 0x1740f0 LB 0x380, codepage 0x0 (reserved 0x0)]
3641bd4.1bd0: ProductName: Microsoft® Windows® Operating System
3651bd4.1bd0: ProductVersion: 10.0.16299.64
3661bd4.1bd0: FileVersion: 10.0.16299.64 (WinBuild.160101.0800)
3671bd4.1bd0: FileDescription: NT Layer DLL
3681bd4.1bd0: \SystemRoot\System32\kernel32.dll:
3691bd4.1bd0: CreationTime: 2017-09-29T13:42:04.954227600Z
3701bd4.1bd0: LastWriteTime: 2017-09-29T13:42:04.954227600Z
3711bd4.1bd0: ChangeTime: 2018-01-08T17:16:24.348031400Z
3721bd4.1bd0: FileAttributes: 0x20
3731bd4.1bd0: Size: 0xab868
3741bd4.1bd0: NT Headers: 0xe8
3751bd4.1bd0: Timestamp: 0xc2cf900
3761bd4.1bd0: Machine: 0x8664 - amd64
3771bd4.1bd0: Timestamp: 0xc2cf900
3781bd4.1bd0: Image Version: 10.0
3791bd4.1bd0: SizeOfImage: 0xae000 (712704)
3801bd4.1bd0: Resource Dir: 0xac000 LB 0x520
3811bd4.1bd0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3821bd4.1bd0: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3831bd4.1bd0: ProductName: Microsoft® Windows® Operating System
3841bd4.1bd0: ProductVersion: 10.0.16299.15
3851bd4.1bd0: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
3861bd4.1bd0: FileDescription: Windows NT BASE API Client DLL
3871bd4.1bd0: \SystemRoot\System32\KernelBase.dll:
3881bd4.1bd0: CreationTime: 2017-09-29T13:41:43.124345500Z
3891bd4.1bd0: LastWriteTime: 2017-09-29T13:41:43.124345500Z
3901bd4.1bd0: ChangeTime: 2018-01-08T17:16:25.115106900Z
3911bd4.1bd0: FileAttributes: 0x20
3921bd4.1bd0: Size: 0x266000
3931bd4.1bd0: NT Headers: 0xf0
3941bd4.1bd0: Timestamp: 0x4736733c
3951bd4.1bd0: Machine: 0x8664 - amd64
3961bd4.1bd0: Timestamp: 0x4736733c
3971bd4.1bd0: Image Version: 10.0
3981bd4.1bd0: SizeOfImage: 0x266000 (2514944)
3991bd4.1bd0: Resource Dir: 0x245000 LB 0x548
4001bd4.1bd0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4011bd4.1bd0: [Raw version resource data: 0x2450b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
4021bd4.1bd0: ProductName: Microsoft® Windows® Operating System
4031bd4.1bd0: ProductVersion: 10.0.16299.15
4041bd4.1bd0: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
4051bd4.1bd0: FileDescription: Windows NT BASE API Client DLL
4061bd4.1bd0: \SystemRoot\System32\apisetschema.dll:
4071bd4.1bd0: CreationTime: 2017-09-29T13:42:07.095026600Z
4081bd4.1bd0: LastWriteTime: 2017-09-29T13:42:07.095026600Z
4091bd4.1bd0: ChangeTime: 2018-01-08T15:37:21.786133000Z
4101bd4.1bd0: FileAttributes: 0x20
4111bd4.1bd0: Size: 0x1b398
4121bd4.1bd0: NT Headers: 0xc8
4131bd4.1bd0: Timestamp: 0xf30abf31
4141bd4.1bd0: Machine: 0x8664 - amd64
4151bd4.1bd0: Timestamp: 0xf30abf31
4161bd4.1bd0: Image Version: 10.0
4171bd4.1bd0: SizeOfImage: 0x1c000 (114688)
4181bd4.1bd0: Resource Dir: 0x1b000 LB 0x408
4191bd4.1bd0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4201bd4.1bd0: [Raw version resource data: 0x1b060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
4211bd4.1bd0: ProductName: Microsoft® Windows® Operating System
4221bd4.1bd0: ProductVersion: 10.0.16299.15
4231bd4.1bd0: FileVersion: 10.0.16299.15 (WinBuild.160101.0800)
4241bd4.1bd0: FileDescription: ApiSet Schema DLL
4251bd4.1bd0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
4261bd4.1bd0: supR3HardenedWinFindAdversaries: 0x0
4271bd4.1bd0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
4281bd4.1bd0: Calling main()
4291bd4.1bd0: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
4301bd4.1bd0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
4311bd4.1bd0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
4321bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
4331bd4.1bd0: SUPR3HardenedMain: Final process, opening VBoxDrv...
4341bd4.1bd0: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000b20000 LB 0x400000)
4351bd4.1bd0: supR3HardNtEnableThreadCreation:
4361bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
4371bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
4381bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4391bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4401bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa4e1c0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
4411bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4421bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4431bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4441bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa4e1c0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4451bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
4461bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
4471bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa4e1c0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4481bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa4e1c0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
4491bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4501bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
4511bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
4521bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
4531bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
4541bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
4551bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4561bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4571bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
4581bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
4591bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
4601bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
4611bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'msasn1.dll'.
4621bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
4631bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
4641bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4651bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4661bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
4671bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
4681bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
4691bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
4701bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
4711bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
4721bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
4731bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
4741bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4751bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4761bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa588f0000 LB 0x0009d000 C:\Windows\System32\msvcrt.dll [fFlags=0x0]
4771bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
4781bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa551f0000 LB 0x00012000 C:\Windows\System32\MSASN1.dll [fFlags=0x0]
4791bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
4801bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa55740000 LB 0x000f6000 C:\Windows\System32\ucrtbase.dll [fFlags=0x0]
4811bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll)
4821bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll
4831bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa56160000 LB 0x001ce000 C:\Windows\System32\CRYPT32.dll [fFlags=0x0]
4841bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
4851bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa56830000 LB 0x0011f000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
4861bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4871bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa56750000 LB 0x0005b000 C:\Windows\System32\sechost.dll [fFlags=0x0]
4881bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
4891bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
4901bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
4911bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa58ce0000 LB 0x000a1000 C:\Windows\System32\advapi32.dll [fFlags=0x0]
4921bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
4931bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
4941bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
4951bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
4961bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
4971bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa55910000 LB 0x00058000 C:\Windows\System32\Wintrust.dll [fFlags=0x0]
4981bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
4991bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
5001bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5011bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55480000 'api-ms-win-core-synch-l1-2-0'
5021bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
5031bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5041bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55480000 'api-ms-win-core-fibers-l1-1-1'
5051bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
5061bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5071bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55480000 'api-ms-win-core-fibers-l1-1-1'
5081bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
5091bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5101bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55480000 'api-ms-win-core-synch-l1-2-0'
5111bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
5121bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5131bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55480000 'api-ms-win-core-localization-l1-2-1'
5141bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\system32\Wintrust.dll'
5151bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
5161bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
5171bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5181bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5191bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5201bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
5211bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
5221bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
5231bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5241bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5251bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
5261bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5271bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5281bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
5291bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5301bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
5311bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa54d10000 LB 0x00025000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
5321bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
5331bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa54d10000 'C:\Windows\system32\bcrypt.dll'
5341bd4.1bd0: bcrypt.dll loaded at 00007ffa54d10000, BCryptOpenAlgorithmProvider at 00007ffa54d12590, preloading providers:
5351bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
5361bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
5371bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5381bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa55260000 LB 0x00072000 C:\Windows\System32\bcryptprimitives.dll [fFlags=0x0]
5391bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
5401bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55260000 'C:\Windows\system32\bcryptprimitives.dll'
5411bd4.1bd0: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000003064de0)
5421bd4.1bd0: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000306e810)
5431bd4.1bd0: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000306eae0)
5441bd4.1bd0: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000306edb0)
5451bd4.1bd0: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000306f080)
5461bd4.1bd0: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000306fb60)
5471bd4.1bd0: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000306fe30)
5481bd4.1bd0: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000003070100)
5491bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5501bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5511bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
5521bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5531bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5541bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
5551bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5561bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5571bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
5581bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5591bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5601bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
5611bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5621bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5631bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
5641bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5651bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5661bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
5671bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5681bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5691bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
5701bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
5711bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
5721bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa54c00000 LB 0x00017000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
5731bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
5741bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
5751bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
5761bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
5771bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
5781bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
5791bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
5801bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5811bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5821bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa545f0000 LB 0x00033000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
5831bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
5841bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
5851bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
5861bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
5871bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
5881bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa54c20000 LB 0x0000b000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
5891bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
5901bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5911bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
5921bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
5931bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
5941bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5951bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa584f0000 'C:\Windows\System32\kernel32.dll'
5961bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
5971bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
5981bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
5991bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6001bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\CRYPT32.dll'
6011bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa56810000 LB 0x0001d000 C:\Windows\System32\imagehlp.dll [fFlags=0x0]
6021bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
6031bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
6041bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6051bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6061bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
6071bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6081bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
6091bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
6101bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
6111bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa53f80000 LB 0x00022000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
6121bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
6131bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa551b0000 LB 0x0001b000 C:\Windows\System32\profapi.dll [fFlags=0x0]
6141bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
6151bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
6161bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6171bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
6181bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
6191bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
6201bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
6211bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
6221bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6231bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6241bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6251bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6261bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6271bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6281bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6291bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6301bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6311bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6321bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6331bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6341bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa3d620000 LB 0x0002f000 C:\Windows\System32\cryptnet.dll [fFlags=0x0]
6351bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6361bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6371bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6381bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6391bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6401bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6411bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6421bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6431bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6441bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6451bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6461bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6471bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6481bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6491bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6501bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6511bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6521bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6531bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6541bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6551bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6561bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6571bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6581bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6591bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6601bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6611bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6621bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6631bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6641bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6651bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
6661bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa3d620000 'C:\Windows\System32\cryptnet.dll'
6671bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6681bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6691bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
6701bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6711bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6721bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
6731bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
6741bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000030c5ce0
6751bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000030c5ce0
6761bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=53496CD1E8E6D63F8EA58DDB173BEA60E4848C3E
6771bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6781bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6791bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56830000 'C:\Windows\System32\rpcrt4.dll'
6801bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6811bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
6821bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6831bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
6841bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6851bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
6861bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6871bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
6881bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6891bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
6901bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6911bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
6921bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6931bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6941bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\System32\WINTRUST.DLL'
6951bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6961bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6971bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
6981bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6991bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7001bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7011bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_760_for_KB4054517~31bf3856ad364e35~amd64~~10.0.1.6.cat'; file='\SystemRoot\System32\ntdll.dll'
7021bd4.1bd0: g_pfnWinVerifyTrust=00007ffa55916bc0
7031bd4.1bd0: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
7041bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7051bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7061bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7071bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7081bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7091bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7101bd4.1bd0: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
7111bd4.1bd0: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
7121bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7131bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7141bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7151bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
7161bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7171bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7181bd4.1bd0: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
7191bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
7201bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000030c5ce0
7211bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000030c5ce0
7221bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5A0BC1B38B9F5EE15493A1BB6ABB29D2FFBB4119
7231bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7241bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7251bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7261bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7271bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0015~31bf3856ad364e35~amd64~~10.0.16299.15.cat'; file='\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
7281bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
7291bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
7301bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7311bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7321bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7331bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
7341bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7351bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7361bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7371bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
7381bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7391bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7401bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7411bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
7421bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7431bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7441bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7451bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
7461bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7471bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7481bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7491bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
7501bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7511bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7521bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
7531bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7541bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
7551bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7561bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7571bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
7581bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
7591bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7601bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7611bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7621bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
7631bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7641bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7651bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
7661bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7671bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7681bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
7691bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7701bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7711bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll'
7721bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7731bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7741bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
7751bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7761bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7771bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
7781bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7791bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7801bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
7811bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7821bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
7831bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7841bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe'
7851bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7861bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7871bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
7881bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
7891bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
7901bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
7911bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\system32\crypt32.dll'
7921bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
7931bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
7941bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
7951bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
7961bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
7971bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
7981bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
7991bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
8001bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
8011bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
8021bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
8031bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
8041bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
8051bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
8061bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
8071bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
8081bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
8091bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
8101bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
8111bd4.1bd0: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
8121bd4.1bd0: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=20
8131bd4.1bd0: SUPR3HardenedMain: Load Runtime...
8141bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
8151bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8161bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
8171bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
8181bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
8191bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
8201bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8211bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8221bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8231bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
8241bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
8251bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
8261bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
8271bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
8281bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
8291bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) WinVerifyTrust
8301bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
8311bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
8321bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
8331bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8341bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8351bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
8361bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
8371bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
8381bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
8391bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
8401bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8411bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8421bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
8431bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
8441bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
8451bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
8461bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
8471bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
8481bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
8491bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
8501bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8511bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
8521bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
8531bd4.1bd0: supR3HardenedDllNotificationCallback: load 00000000778f0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
8541bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
8551bd4.1bd0: supR3HardenedDllNotificationCallback: load 00000000779d0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
8561bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
8571bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa56950000 LB 0x0006c000 C:\Windows\System32\WS2_32.dll [fFlags=0x0]
8581bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
8591bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa48580000 LB 0x00590000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
8601bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8611bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
8621bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
8631bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8641bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8651bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8661bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8671bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8681bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8691bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8701bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8711bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8721bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8731bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8741bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8751bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8761bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8771bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8781bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8791bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8801bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8811bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8821bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8831bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8841bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8851bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8861bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8871bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8881bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
8891bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8901bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8911bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8921bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8931bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8941bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8951bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8961bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8971bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8981bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
8991bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9001bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9011bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9021bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9031bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9041bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9051bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9061bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9071bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9081bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9091bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9101bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9111bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa48580000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9121bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55910000 'C:\Windows\system32\Wintrust.dll'
9131bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
9141bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
9151bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
9161bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9171bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
9181bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
9191bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\system32\crypt32.dll'
9201bd4.1bd0: SUPR3HardenedMain: Load TrustedMain...
9211bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
9221bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
9231bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
9241bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
9251bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
9261bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
9271bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5guivbox.dll'.
9281bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5widgetsvbox.dll'.
9291bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5printsupportvbox.dll'.
9301bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
9311bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
9321bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
9331bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
9341bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
9351bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
9361bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'winmm.dll'.
9371bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
9381bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
9391bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
9401bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
9411bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
9421bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
9431bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
9441bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
9451bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) WinVerifyTrust
9461bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
9471bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
9481bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
9491bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9501bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9511bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
9521bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
9531bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
9541bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
9551bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9561bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
9571bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
9581bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9591bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9601bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
9611bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
9621bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
9631bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9641bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
9651bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
9661bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
9671bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
9681bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) WinVerifyTrust
9691bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
9701bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
9711bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
9721bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9731bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9741bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
9751bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
9761bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
9771bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
9781bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
9791bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'bcryptprimitives.dll'.
9801bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
9811bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
9821bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
9831bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
9841bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
9851bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll)
9861bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
9871bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
9881bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
9891bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
9901bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9911bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9921bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
9931bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
9941bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
9951bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'gdi32.dll'.
9961bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'user32.dll'.
9971bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'combase.dll'.
9981bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) WinVerifyTrust
9991bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
10001bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
10011bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
10021bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
10031bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
10041bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
10051bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10061bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10071bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
10081bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
10091bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
10101bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
10111bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
10121bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10131bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10141bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
10151bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
10161bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
10171bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10181bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10191bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10201bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10211bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10221bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
10231bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
10241bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
10251bd4.1bd0: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports
10261bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll)
10271bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll
10281bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
10291bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
10301bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10311bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #73 'user32.dll'.
10321bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #75 'gdi32.dll'.
10331bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll) WinVerifyTrust
10341bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
10351bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
10361bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
10371bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
10381bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10391bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10401bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
10411bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
10421bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
10431bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
10441bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10451bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10461bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
10471bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10481bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10491bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
10501bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
10511bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
10521bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
10531bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
10541bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
10551bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
10561bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
10571bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
10581bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
10591bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
10601bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
10611bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
10621bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5printsupportvbox.dll'...
10631bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5printsupportvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5printsupportvbox.dll' [rcNtRedir=0xc0150008]
10641bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10651bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10661bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
10671bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
10681bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
10691bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
10701bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
10711bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
10721bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
10731bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
10741bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
10751bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
10761bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
10771bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
10781bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
10791bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
10801bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
10811bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
10821bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
10831bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
10841bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
10851bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
10861bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
10871bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
10881bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
10891bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
10901bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
10911bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
10921bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
10931bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
10941bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
10951bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
10961bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
10971bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
10981bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
10991bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
11001bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
11011bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
11021bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
11031bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
11041bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11051bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
11061bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11071bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
11081bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
11091bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
11101bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
11111bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
11121bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
11131bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
11141bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
11151bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
11161bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
11171bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
11181bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
11191bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11201bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11211bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
11221bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11231bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11241bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11251bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11261bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
11271bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11281bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
11291bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
11301bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
11311bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
11321bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
11331bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
11341bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11351bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11361bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
11371bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11381bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11391bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11401bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
11411bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
11421bd4.1bd0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
11431bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11441bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
11451bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
11461bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
11471bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
11481bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
11491bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
11501bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
11511bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
11521bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
11531bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11541bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
11551bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
11561bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
11571bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
11581bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
11591bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
11601bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
11611bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
11621bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll)
11631bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll
11641bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
11651bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
11661bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
11671bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
11681bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
11691bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
11701bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
11711bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
11721bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
11731bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
11741bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
11751bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
11761bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11771bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11781bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
11791bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
11801bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
11811bd4.1bd0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
11821bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11831bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
11841bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
11851bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
11861bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
11871bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11881bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11891bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
11901bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
11911bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
11921bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
11931bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
11941bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
11951bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
11961bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11971bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11981bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
11991bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
12001bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
12011bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
12021bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12031bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12041bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
12051bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12061bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12071bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
12081bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
12091bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
12101bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5widgetsvbox.dll'.
12111bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
12121bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
12131bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
12141bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'comdlg32.dll'.
12151bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcr100.dll'.
12161bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll) WinVerifyTrust
12171bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
12181bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
12191bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
12201bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [redoing WinVerifyTrust]
12211bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12221bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12231bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12241bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
12251bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
12261bd4.1bd0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll'.
12271bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12281bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'.
12291bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'shlwapi.dll'.
12301bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
12311bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'comctl32.dll'.
12321bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'shell32.dll'.
12331bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\comdlg32.dll)
12341bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
12351bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
12361bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
12371bd4.1bd0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\winspool.drv'.
12381bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12391bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'iphlpapi.dll'.
12401bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'bcrypt.dll'.
12411bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\winspool.drv)
12421bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winspool.drv
12431bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
12441bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
12451bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
12461bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
12471bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
12481bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
12491bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
12501bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
12511bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
12521bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12531bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12541bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
12551bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12561bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12571bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12581bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
12591bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
12601bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
12611bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
12621bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
12631bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL'.
12641bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL)
12651bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
12661bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12671bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12681bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
12691bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
12701bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
12711bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
12721bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
12731bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'.
12741bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
12751bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
12761bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
12771bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\comctl32.dll)
12781bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comctl32.dll
12791bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12801bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12811bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12821bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
12831bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
12841bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
12851bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
12861bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'gdi32.dll'.
12871bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'user32.dll'.
12881bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
12891bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
12901bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12911bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12921bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12931bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12941bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12951bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12961bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12971bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12981bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12991bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13001bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13011bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13021bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13031bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13041bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13051bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13061bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
13071bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
13081bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
13091bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
13101bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
13111bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13121bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13131bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
13141bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
13151bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
13161bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13171bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13181bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
13191bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
13201bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
13211bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13221bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13231bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
13241bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
13251bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'
13261bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13271bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13281bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
13291bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
13301bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
13311bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
13321bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
13331bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
13341bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a8 pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
13351bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000030c5ce0
13361bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000030c5ce0
13371bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F39C902102F30859FF82648A950427FCB81FB124
13381bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
13391bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
13401bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00111~31bf3856ad364e35~amd64~~10.0.16299.15.cat'; file='\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
13411bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13421bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
13431bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
13441bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
13451bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
13461bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
13471bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
13481bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
13491bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
13501bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
13511bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
13521bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
13531bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
13541bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
13551bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
13561bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
13571bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
13581bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.125_none_88782a244abc4c60\comctl32.dll)
13591bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.125_none_88782a244abc4c60\comctl32.dll
13601bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
13611bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL [avoiding WinVerifyTrust]
13621bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa55840000 LB 0x00020000 C:\Windows\System32\win32u.dll [fFlags=0x0]
13631bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
13641bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa55970000 LB 0x0009b000 C:\Windows\System32\msvcp_win.dll [fFlags=0x0]
13651bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
13661bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa552e0000 LB 0x00193000 C:\Windows\System32\gdi32full.dll [fFlags=0x0]
13671bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
13681bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
13691bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
13701bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
13711bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32full.dll)
13721bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32full.dll
13731bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa57e00000 LB 0x00028000 C:\Windows\System32\GDI32.dll [fFlags=0x0]
13741bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
13751bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa58990000 LB 0x0018f000 C:\Windows\System32\USER32.dll [fFlags=0x0]
13761bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa39610000 LB 0x0002c000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
13771bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
13781bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa39680000 LB 0x0011e000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
13791bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
13801bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa556f0000 LB 0x0004a000 C:\Windows\System32\cfgmgr32.dll [fFlags=0x0]
13811bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
13821bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
13831bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa56430000 LB 0x00308000 C:\Windows\System32\combase.dll [fFlags=0x0]
13841bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
13851bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa58c30000 LB 0x000a6000 C:\Windows\System32\shcore.dll [fFlags=0x0]
13861bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13871bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'rpcrt4.dll'.
13881bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'combase.dll'.
13891bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
13901bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
13911bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa567b0000 LB 0x00051000 C:\Windows\System32\shlwapi.dll [fFlags=0x0]
13921bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [avoiding WinVerifyTrust]
13931bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa551d0000 LB 0x00011000 C:\Windows\System32\kernel.appcore.dll [fFlags=0x0]
13941bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
13951bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
13961bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
13971bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
13981bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa55210000 LB 0x0004c000 C:\Windows\System32\powrprof.dll [fFlags=0x0]
13991bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
14001bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll)
14011bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
14021bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa55a10000 LB 0x00747000 C:\Windows\System32\windows.storage.dll [fFlags=0x0]
14031bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14041bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
14051bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'combase.dll'.
14061bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #75 'profapi.dll'.
14071bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll)
14081bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll
14091bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa569c0000 LB 0x01436000 C:\Windows\System32\SHELL32.dll [fFlags=0x0]
14101bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
14111bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa587a0000 LB 0x00149000 C:\Windows\System32\ole32.dll [fFlags=0x0]
14121bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
14131bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa3ae90000 LB 0x0001b000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0]
14141bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
14151bd4.1bd0: supR3HardenedDllNotificationCallback: load 0000000076db0000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
14161bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
14171bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa47f80000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
14181bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
14191bd4.1bd0: supR3HardenedDllNotificationCallback: load 0000000077320000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
14201bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
14211bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa547d0000 LB 0x00039000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
14221bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL [avoiding WinVerifyTrust]
14231bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa4b140000 LB 0x00086000 C:\Windows\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
14241bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
14251bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa4d400000 LB 0x000a6000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.125_none_88782a244abc4c60\COMCTL32.dll [fFlags=0x0]
14261bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.125_none_88782a244abc4c60\comctl32.dll [avoiding WinVerifyTrust]
14271bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa58b20000 LB 0x0010a000 C:\Windows\System32\COMDLG32.dll [fFlags=0x0]
14281bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll [avoiding WinVerifyTrust]
14291bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa4d4b0000 LB 0x00051000 C:\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll [fFlags=0x0]
14301bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5PrintSupportVBox.dll
14311bd4.1bd0: supR3HardenedDllNotificationCallback: load 0000000077890000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
14321bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
14331bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa57e30000 LB 0x000c5000 C:\Windows\System32\OLEAUT32.dll [fFlags=0x0]
14341bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
14351bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa51d50000 LB 0x0002a000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
14361bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
14371bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa51d80000 LB 0x00023000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
14381bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
14391bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa46460000 LB 0x00a33000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
14401bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
14411bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
14421bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
14431bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
14441bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
14451bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
14461bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
14471bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
14481bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
14491bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
14501bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
14511bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
14521bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
14531bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.125_none_88782a244abc4c60\comctl32.dll'.
14541bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.16299.125_none_88782a244abc4c60\comctl32.dll' [rescheduled]
14551bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
14561bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
14571bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'.
14581bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rescheduled]
14591bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL'.
14601bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL' [rescheduled]
14611bd4.1bd0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\winspool.drv'.
14621bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rescheduled]
14631bd4.1bd0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll'.
14641bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rescheduled]
14651bd4.1bd0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
14661bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
14671bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
14681bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
14691bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
14701bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
14711bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
14721bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
14731bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
14741bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
14751bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
14761bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
14771bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
14781bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
14791bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
14801bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
14811bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
14821bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
14831bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
14841bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
14851bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
14861bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
14871bd4.1bd0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
14881bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14891bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14901bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14911bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14921bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14931bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14941bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14951bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14961bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14971bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14981bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
14991bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
15001bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
15011bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
15021bd4.1bd0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
15031bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15041bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15051bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15061bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15071bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15081bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15091bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
15101bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
15111bd4.1bd0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
15121bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15131bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15141bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15151bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15161bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
15171bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
15181bd4.1bd0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
15191bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
15201bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
15211bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
15221bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
15231bd4.1bd0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
15241bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15251bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15261bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15271bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15281bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
15291bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
15301bd4.1bd0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
15311bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15321bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15331bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
15341bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15351bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa584f0000 'C:\Windows\System32\kernel32.dll'
15361bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
15371bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15381bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55480000 'api-ms-win-core-string-l1-1-0'
15391bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
15401bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15411bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55480000 'api-ms-win-core-datetime-l1-1-1'
15421bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
15431bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15441bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa55480000 'api-ms-win-core-localization-obsolete-l1-2-0'
15451bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
15461bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
15471bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'.
15481bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
15491bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
15501bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15511bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15521bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
15531bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
15541bd4.1bd0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
15551bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15561bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15571bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
15581bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa56340000 LB 0x0002d000 C:\Windows\System32\IMM32.DLL [fFlags=0x0]
15591bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
15601bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56340000 'C:\Windows\system32\IMM32.DLL'
15611bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
15621bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
15631bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [redoing WinVerifyTrust]
15641bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
15651bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\imm32.dll
15661bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15671bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56340000 'C:\Windows\System32\imm32.dll'
15681bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
15691bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15701bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa58ce0000 'C:\Windows\System32\ADVAPI32.DLL'
15711bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa46460000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
15721bd4.1bd0: SUPR3HardenedMain: Calling TrustedMain (00007ffa464614f0)...
15731bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
15741bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
15751bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
15761bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
15771bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
15781bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
15791bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
15801bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
15811bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
15821bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
15831bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
15841bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
15851bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
15861bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
15871bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15881bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15891bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15901bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15911bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
15921bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15931bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15941bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
15951bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15961bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15971bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
15981bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15991bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
16001bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
16011bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16021bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
16031bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
16041bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
16051bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
16061bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
16071bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
16081bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
16091bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [redoing WinVerifyTrust]
16101bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
16111bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
16121bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
16131bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16141bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16151bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
16161bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16171bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16181bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
16191bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16201bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16211bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
16221bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
16231bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
16241bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
16251bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16261bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
16271bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa49490000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
16281bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
16291bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa49490000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
16301bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000690 pwszName=\Device\HarddiskVolume4\Windows\System32\uxtheme.dll
16311bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000030c5ce0
16321bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000030c5ce0
16331bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB199956403E78CE61C981F6BA97CA632BE55AC
16341bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
16351bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
16361bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00114~31bf3856ad364e35~amd64~~10.0.16299.15.cat'; file='\Device\HarddiskVolume4\Windows\System32\uxtheme.dll'
16371bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16381bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16391bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
16401bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
16411bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) WinVerifyTrust
16421bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
16431bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16441bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16451bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16461bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16471bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16481bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16491bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
16501bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
16511bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
16521bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa53310000 LB 0x00095000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
16531bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
16541bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa53310000 'C:\Windows\system32\uxtheme.dll'
16551bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa58990000 'C:\Windows\system32\user32.dll'
16561bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
16571bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16581bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa569c0000 'C:\Windows\system32\shell32.dll'
16591bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [redoing WinVerifyTrust]
16601bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
16611bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
16621bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'
16631bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16641bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa58c30000 'C:\Windows\system32\SHCore.dll'
16651bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
16661bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
16671bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16681bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
16691bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
16701bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
16711bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll)
16721bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
16731bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa53580000 LB 0x0002a000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
16741bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
16751bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16761bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16771bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16781bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16791bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
16801bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
16811bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
16821bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16831bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16841bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
16851bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
16861bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dwmapi.dll'
16871bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
16881bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16891bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa51d80000 'C:\Windows\system32\winmm.dll'
16901bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
16911bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16921bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa51d80000 'C:\Windows\system32\winmm.dll'
16931bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
16941bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16951bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa569c0000 'C:\Windows\system32\shell32.dll'
16961bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
16971bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16981bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa53310000 'C:\Windows\system32\uxtheme.dll'
16991bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
17001bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17011bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa58ce0000 'C:\Windows\system32\advapi32.dll'
17021bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
17031bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
17041bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
17051bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'profapi.dll'.
17061bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll) WinVerifyTrust
17071bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
17081bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
17091bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
17101bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
17111bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17121bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17131bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17141bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
17151bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa550b0000 LB 0x00029000 C:\Windows\system32\userenv.dll [fFlags=0x0]
17161bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
17171bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa550b0000 'C:\Windows\system32\userenv.dll'
17181bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
17191bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17201bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa584f0000 'C:\Windows\System32\kernel32.dll'
17211bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa58d90000 LB 0x0009e000 C:\Windows\System32\clbcatq.dll [fFlags=0x0]
17221bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17231bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
17241bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll)
17251bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll
17261bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17271bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17281bd4.1e70: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
17291bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17301bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17311bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
17321bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
17331bd4.1e70: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\clbcatq.dll'
17341bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
17351bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
17361bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
17371bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
17381bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
17391bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
17401bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
17411bd4.1e70: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
17421bd4.1e70: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
17431bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17441bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17451bd4.1e70: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
17461bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17471bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17481bd4.1e70: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
17491bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17501bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17511bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17521bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17531bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17541bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17551bd4.1e70: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
17561bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17571bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17581bd4.1e70: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
17591bd4.1e70: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
17601bd4.1e70: supR3HardenedDllNotificationCallback: load 00007ffa473f0000 LB 0x00544000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
17611bd4.1e70: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
17621bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa473f0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
17631bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
17641bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
17651bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
17661bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
17671bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
17681bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
17691bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
17701bd4.1e70: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
17711bd4.1e70: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
17721bd4.1e70: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
17731bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17741bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17751bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17761bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17771bd4.1e70: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
17781bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17791bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17801bd4.1e70: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
17811bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
17821bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
17831bd4.1e70: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [redoing WinVerifyTrust]
17841bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
17851bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
17861bd4.1e70: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'
17871bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17881bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17891bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17901bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17911bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17921bd4.1e70: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17931bd4.1e70: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
17941bd4.1e70: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
17951bd4.1e70: supR3HardenedDllNotificationCallback: load 00007ffa4d340000 LB 0x000ba000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
17961bd4.1e70: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
17971bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa4d340000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
17981bd4.1e70: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
17991bd4.1e70: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
18001bd4.1e70: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa57e30000 'C:\Windows\System32\oleaut32.dll'
18011bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
18021bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18031bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa57e00000 'C:\Windows\system32\gdi32.dll'
18041bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
18051bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18061bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa569c0000 'C:\Windows\system32\shell32.dll'
18071bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa585b0000 LB 0x00167000 C:\Windows\System32\MSCTF.dll [fFlags=0x0]
18081bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18091bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'oleaut32.dll'.
18101bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'.
18111bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
18121bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'imm32.dll'.
18131bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
18141bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
18151bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
18161bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
18171bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll
18181bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18191bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18201bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18211bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18221bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
18231bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
18241bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
18251bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18261bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18271bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
18281bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
18291bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll'
18301bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009a4 pwszName=\Device\HarddiskVolume4\Windows\System32\DataExchange.dll
18311bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000030c5ce0
18321bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000030c5ce0
18331bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87FA668FC207CB724FFDD342C6B5B8D273E3498D
18341bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
18351bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
18361bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0010~31bf3856ad364e35~amd64~~10.0.16299.15.cat'; file='\Device\HarddiskVolume4\Windows\System32\DataExchange.dll'
18371bd4.1bd0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
18381bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18391bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
18401bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'combase.dll'.
18411bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'd3d11.dll'.
18421bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'dcomp.dll'.
18431bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll) WinVerifyTrust
18441bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
18451bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
18461bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
18471bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
18481bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
18491bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
18501bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
18511bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll) WinVerifyTrust
18521bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll
18531bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
18541bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
18551bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18561bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18571bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
18581bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
18591bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
18601bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
18611bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
18621bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18631bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dxgi.dll'.
18641bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'win32u.dll'.
18651bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll) WinVerifyTrust
18661bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll
18671bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
18681bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
18691bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
18701bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
18711bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
18721bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
18731bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
18741bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
18751bd4.1bd0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\dxgi.dll'.
18761bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18771bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
18781bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll)
18791bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll
18801bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18811bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18821bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
18831bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
18841bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
18851bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18861bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18871bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
18881bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
18891bd4.1bd0: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\combase.dll'
18901bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
18911bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
18921bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
18931bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18941bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18951bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
18961bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
18971bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
18981bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
18991bd4.1bd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [avoiding WinVerifyTrust]
19001bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa53fd0000 LB 0x000af000 C:\Windows\system32\dxgi.dll [fFlags=0x0]
19011bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [avoiding WinVerifyTrust]
19021bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa522d0000 LB 0x002e1000 C:\Windows\system32\d3d11.dll [fFlags=0x0]
19031bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
19041bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa52c60000 LB 0x00142000 C:\Windows\system32\dcomp.dll [fFlags=0x0]
19051bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
19061bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa371b0000 LB 0x0004f000 C:\Windows\system32\dataexchange.dll [fFlags=0x0]
19071bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
19081bd4.1bd0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\dxgi.dll'.
19091bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rescheduled]
19101bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa57e00000 'C:\Windows\System32\gdi32.dll'
19111bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa371b0000 'C:\Windows\system32\dataexchange.dll'
19121bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19131bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rmclient.dll'.
19141bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
19151bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcrypt.dll'.
19161bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
19171bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll)
19181bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll
19191bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19201bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
19211bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rmclient.dll)
19221bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rmclient.dll
19231bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa535b0000 LB 0x00020000 C:\Windows\system32\RMCLIENT.dll [fFlags=0x0]
19241bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
19251bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa53600000 LB 0x0017b000 C:\Windows\system32\twinapi.appcore.dll [fFlags=0x0]
19261bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
19271bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19281bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'coreuicomponents.dll'.
19291bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'coremessaging.dll'.
19301bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll)
19311bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
19321bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19331bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
19341bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'.
19351bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll)
19361bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
19371bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19381bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
19391bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll)
19401bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
19411bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntmarta.dll)
19421bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntmarta.dll
19431bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
19441bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
19451bd4.1bd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'bcryptprimitives.dll'.
19461bd4.1bd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll)
19471bd4.1bd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll
19481bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa542f0000 LB 0x00031000 C:\Windows\SYSTEM32\ntmarta.dll [fFlags=0x0]
19491bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
19501bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa52b80000 LB 0x000dd000 C:\Windows\System32\CoreMessaging.dll [fFlags=0x0]
19511bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
19521bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa51000000 LB 0x00136000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
19531bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
19541bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa511d0000 LB 0x002ee000 C:\Windows\System32\CoreUIComponents.dll [fFlags=0x0]
19551bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
19561bd4.1bd0: supR3HardenedDllNotificationCallback: load 00007ffa41300000 LB 0x00098000 C:\Windows\System32\TextInputFramework.dll [fFlags=0x0]
19571bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
19581bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
19591bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
19601bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
19611bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19621bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19631bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
19641bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
19651bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
19661bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19671bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19681bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19691bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19701bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
19711bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
19721bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
19731bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
19741bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
19751bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
19761bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19771bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19781bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
19791bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
19801bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
19811bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
19821bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
19831bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
19841bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19851bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19861bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19871bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19881bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19891bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19901bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
19911bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
19921bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
19931bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
19941bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
19951bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
19961bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19971bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19981bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
19991bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume4\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
20001bd4.1bd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
20011bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20021bd4.1bd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20031bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
20041bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
20051bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\WinTypes.dll'
20061bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
20071bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
20081bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ntmarta.dll'
20091bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
20101bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20111bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
20121bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
20131bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll'
20141bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
20151bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
20161bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll'
20171bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
20181bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
20191bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll'
20201bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
20211bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
20221bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rmclient.dll'
20231bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa545f0000 'C:\Windows\system32\rsaenh.dll'
20241bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56160000 'C:\Windows\System32\crypt32.dll'
20251bd4.1bd0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll'
20261bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
20271bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\OLEAUT32.DLL (Input=OLEAUT32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20281bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa57e30000 'C:\Windows\System32\OLEAUT32.DLL'
20291bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
20301bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20311bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa58990000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
20321bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
20331bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20341bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa58990000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
20351bd4.1bd0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
20361bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20371bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa56430000 'api-ms-win-core-com-l1-1-0.dll'
20381bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
20391bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20401bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa585b0000 'C:\Windows\System32\MSCTF.dll'
20411bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa569c0000 'C:\Windows\system32\shell32.dll'
20421bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa569c0000 'C:\Windows\system32\shell32.dll'
20431bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
20441bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwmapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20451bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa53580000 'C:\Windows\system32\dwmapi.dll'
20461bd4.1bd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
20471bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20481bd4.1bd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa53310000 'C:\Windows\system32\uxtheme.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy