VirtualBox

Ticket #19085: VBoxHardening.log

File VBoxHardening.log, 295.1 KB (added by Emailx45, 5 years ago)
Line 
12690.1334: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047ba00
22690.1334: \SystemRoot\System32\ntdll.dll:
32690.1334: CreationTime: 2019-10-09T01:36:29.202644000Z
42690.1334: LastWriteTime: 2019-10-09T01:36:29.233892100Z
52690.1334: ChangeTime: 2019-11-13T02:35:35.364972700Z
62690.1334: FileAttributes: 0x20
72690.1334: Size: 0x1e8528
82690.1334: NT Headers: 0xd8
92690.1334: Timestamp: 0x99ca0526
102690.1334: Machine: 0x8664 - amd64
112690.1334: Timestamp: 0x99ca0526
122690.1334: Image Version: 10.0
132690.1334: SizeOfImage: 0x1f0000 (2031616)
142690.1334: Resource Dir: 0x17f000 LB 0x6f310
152690.1334: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
162690.1334: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
172690.1334: ProductName: Microsoft® Windows® Operating System
182690.1334: ProductVersion: 10.0.18362.418
192690.1334: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
202690.1334: FileDescription: NT Layer DLL
212690.1334: \SystemRoot\System32\kernel32.dll:
222690.1334: CreationTime: 2019-09-11T00:49:25.121987800Z
232690.1334: LastWriteTime: 2019-09-11T00:49:25.153237900Z
242690.1334: ChangeTime: 2019-11-13T02:35:35.193080500Z
252690.1334: FileAttributes: 0x20
262690.1334: Size: 0xb0570
272690.1334: NT Headers: 0xe8
282690.1334: Timestamp: 0xd0cecc10
292690.1334: Machine: 0x8664 - amd64
302690.1334: Timestamp: 0xd0cecc10
312690.1334: Image Version: 10.0
322690.1334: SizeOfImage: 0xb2000 (729088)
332690.1334: Resource Dir: 0xb0000 LB 0x520
342690.1334: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
352690.1334: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
362690.1334: ProductName: Microsoft® Windows® Operating System
372690.1334: ProductVersion: 10.0.18362.329
382690.1334: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
392690.1334: FileDescription: Windows NT BASE API Client DLL
402690.1334: \SystemRoot\System32\KernelBase.dll:
412690.1334: CreationTime: 2019-11-13T02:35:10.754343700Z
422690.1334: LastWriteTime: 2019-11-13T02:35:10.816861100Z
432690.1334: ChangeTime: 2019-11-13T02:36:57.516037700Z
442690.1334: FileAttributes: 0x20
452690.1334: Size: 0x2a2908
462690.1334: NT Headers: 0xf0
472690.1334: Timestamp: 0x83c3d83a
482690.1334: Machine: 0x8664 - amd64
492690.1334: Timestamp: 0x83c3d83a
502690.1334: Image Version: 10.0
512690.1334: SizeOfImage: 0x2a3000 (2764800)
522690.1334: Resource Dir: 0x27d000 LB 0x548
532690.1334: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
542690.1334: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
552690.1334: ProductName: Microsoft® Windows® Operating System
562690.1334: ProductVersion: 10.0.18362.476
572690.1334: FileVersion: 10.0.18362.476 (WinBuild.160101.0800)
582690.1334: FileDescription: Windows NT BASE API Client DLL
592690.1334: \SystemRoot\System32\apisetschema.dll:
602690.1334: CreationTime: 2019-03-19T04:43:54.837151500Z
612690.1334: LastWriteTime: 2019-03-19T04:43:54.837151500Z
622690.1334: ChangeTime: 2019-11-13T02:35:35.177454100Z
632690.1334: FileAttributes: 0x20
642690.1334: Size: 0x1d028
652690.1334: NT Headers: 0xc8
662690.1334: Timestamp: 0xd6ced080
672690.1334: Machine: 0x8664 - amd64
682690.1334: Timestamp: 0xd6ced080
692690.1334: Image Version: 10.0
702690.1334: SizeOfImage: 0x1e000 (122880)
712690.1334: Resource Dir: 0x1d000 LB 0x408
722690.1334: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
732690.1334: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
742690.1334: ProductName: Microsoft® Windows® Operating System
752690.1334: ProductVersion: 10.0.18362.1
762690.1334: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
772690.1334: FileDescription: ApiSet Schema DLL
782690.1334: NtOpenDirectoryObject failed on \Driver: 0xc0000022
792690.1334: supR3HardenedWinFindAdversaries: 0x40
802690.1334: \SystemRoot\System32\drivers\klflt.sys:
812690.1334: CreationTime: 2019-09-11T01:46:54.861439200Z
822690.1334: LastWriteTime: 2019-10-31T03:07:58.189740800Z
832690.1334: ChangeTime: 2019-10-31T03:07:58.189740800Z
842690.1334: FileAttributes: 0x20
852690.1334: Size: 0x3d678
862690.1334: NT Headers: 0x100
872690.1334: Timestamp: 0xddaa7cbc
882690.1334: Machine: 0x8664 - amd64
892690.1334: Timestamp: 0xddaa7cbc
902690.1334: Image Version: 6.1
912690.1334: SizeOfImage: 0x4a000 (303104)
922690.1334: Resource Dir: 0x47000 LB 0x418
932690.1334: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
942690.1334: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
952690.1334: ProductName: Coretech Delivery
962690.1334: ProductVersion: 30.112.90.0
972690.1334: FileVersion: 30.112.90.0
982690.1334: FileDescription: Filter Core [fre_win7_amd64]
992690.1334: \SystemRoot\System32\drivers\klif.sys:
1002690.1334: CreationTime: 2019-09-11T01:46:55.142665900Z
1012690.1334: LastWriteTime: 2019-10-31T03:07:18.219985900Z
1022690.1334: ChangeTime: 2019-10-31T03:07:18.219985900Z
1032690.1334: FileAttributes: 0x20
1042690.1334: Size: 0xf3a80
1052690.1334: NT Headers: 0xf8
1062690.1334: Timestamp: 0x5da6282c
1072690.1334: Machine: 0x8664 - amd64
1082690.1334: Timestamp: 0x5da6282c
1092690.1334: Image Version: 6.1
1102690.1334: SizeOfImage: 0xf4000 (999424)
1112690.1334: Resource Dir: 0xeb000 LB 0x33f8
1122690.1334: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
1132690.1334: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
1142690.1334: ProductName: Coretech Delivery
1152690.1334: ProductVersion: 30.112.90.0
1162690.1334: FileVersion: 30.112.90.0
1172690.1334: FileDescription: Core System Interceptors [fre_win7_amd64]
1182690.1334: \SystemRoot\System32\drivers\klim6.sys:
1192690.1334: CreationTime: 2019-03-19T10:21:06.000000000Z
1202690.1334: LastWriteTime: 2019-03-19T10:21:06.000000000Z
1212690.1334: ChangeTime: 2019-09-11T01:47:10.360437600Z
1222690.1334: FileAttributes: 0x20
1232690.1334: Size: 0xe350
1242690.1334: NT Headers: 0xe0
1252690.1334: Timestamp: 0x54ad405e
1262690.1334: Machine: 0x8664 - amd64
1272690.1334: Timestamp: 0x54ad405e
1282690.1334: Image Version: 6.1
1292690.1334: SizeOfImage: 0xb000 (45056)
1302690.1334: Resource Dir: 0x9000 LB 0x430
1312690.1334: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1322690.1334: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
1332690.1334: ProductName: Coretech Delivery
1342690.1334: ProductVersion: 30.0.3724.0
1352690.1334: FileVersion: 30.0.3724.0
1362690.1334: FileDescription: Packet Network Filter [fre_win7_amd64]
1372690.1334: \SystemRoot\System32\drivers\klkbdflt.sys:
1382690.1334: CreationTime: 2019-03-18T05:11:30.000000000Z
1392690.1334: LastWriteTime: 2019-03-18T05:11:30.000000000Z
1402690.1334: ChangeTime: 2019-09-11T01:47:09.969813900Z
1412690.1334: FileAttributes: 0x20
1422690.1334: Size: 0x13550
1432690.1334: NT Headers: 0xf8
1442690.1334: Timestamp: 0x79cc11d7
1452690.1334: Machine: 0x8664 - amd64
1462690.1334: Timestamp: 0x79cc11d7
1472690.1334: Image Version: 6.1
1482690.1334: SizeOfImage: 0x12000 (73728)
1492690.1334: Resource Dir: 0x10000 LB 0x438
1502690.1334: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1512690.1334: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
1522690.1334: ProductName: Coretech Delivery
1532690.1334: ProductVersion: 30.0.3716.0
1542690.1334: FileVersion: 30.0.3716.0
1552690.1334: FileDescription: Keyboard Device Filter [fre_win7_amd64]
1562690.1334: \SystemRoot\System32\drivers\klmouflt.sys:
1572690.1334: CreationTime: 2019-03-18T04:50:34.000000000Z
1582690.1334: LastWriteTime: 2019-03-18T04:50:34.000000000Z
1592690.1334: ChangeTime: 2019-09-11T01:47:09.907319300Z
1602690.1334: FileAttributes: 0x20
1612690.1334: Size: 0xe878
1622690.1334: NT Headers: 0xe8
1632690.1334: Timestamp: 0xab7b625
1642690.1334: Machine: 0x8664 - amd64
1652690.1334: Timestamp: 0xab7b625
1662690.1334: Image Version: 6.1
1672690.1334: SizeOfImage: 0xe000 (57344)
1682690.1334: Resource Dir: 0xc000 LB 0x430
1692690.1334: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1702690.1334: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
1712690.1334: ProductName: Coretech Delivery
1722690.1334: ProductVersion: 30.0.3716.0
1732690.1334: FileVersion: 30.0.3716.0
1742690.1334: FileDescription: Mouse Device Filter [fre_win7_amd64]
1752690.1334: \SystemRoot\System32\drivers\kneps.sys:
1762690.1334: CreationTime: 2019-03-19T05:31:38.000000000Z
1772690.1334: LastWriteTime: 2019-03-19T05:31:38.000000000Z
1782690.1334: ChangeTime: 2019-09-11T01:47:09.579234900Z
1792690.1334: FileAttributes: 0x20
1802690.1334: Size: 0x38b50
1812690.1334: NT Headers: 0x108
1822690.1334: Timestamp: 0x7aa255dc
1832690.1334: Machine: 0x8664 - amd64
1842690.1334: Timestamp: 0x7aa255dc
1852690.1334: Image Version: 6.1
1862690.1334: SizeOfImage: 0x38000 (229376)
1872690.1334: Resource Dir: 0x35000 LB 0x428
1882690.1334: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1892690.1334: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
1902690.1334: ProductName: Coretech Delivery
1912690.1334: ProductVersion: 30.0.3731.0
1922690.1334: FileVersion: 30.0.3731.0
1932690.1334: FileDescription: Network Processor [fre_win7_amd64]
1942690.1334: \SystemRoot\System32\klfphc.dll:
1952690.1334: CreationTime: 2019-09-11T01:47:08.829208200Z
1962690.1334: LastWriteTime: 2013-05-06T11:13:26.000000000Z
1972690.1334: ChangeTime: 2019-09-11T01:46:59.532960800Z
1982690.1334: FileAttributes: 0x20
1992690.1334: Size: 0x1ae60
2002690.1334: NT Headers: 0xe8
2012690.1334: Timestamp: 0x51873bf2
2022690.1334: Machine: 0x8664 - amd64
2032690.1334: Timestamp: 0x51873bf2
2042690.1334: Image Version: 0.0
2052690.1334: SizeOfImage: 0x1d000 (118784)
2062690.1334: Resource Dir: 0x18000 LB 0x3c80
2072690.1334: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
2082690.1334: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
2092690.1334: ProductName: Kaspersky™ Anti-Virus ®
2102690.1334: ProductVersion: 1.0.0.12
2112690.1334: FileVersion: 1.0.0.12
2122690.1334: FileDescription: Filtering Platform Helper Class
2132690.1334: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\MeusProgs\VirtualBox'
2142690.1334: Calling main()
2152690.1334: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
2162690.1334: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\MeusProgs\VirtualBox'
2172690.1334: SUPR3HardenedMain: Respawn #1
2182690.1334: System32: \Device\HarddiskVolume4\Windows\System32
2192690.1334: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
2202690.1334: KnownDllPath: C:\Windows\System32
2212690.1334: supR3HardenedWinInit: Performing a limited self purification...
2222690.1334: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
2232690.1334: *0000000000000000-0000000000f0ffff 0x0001/0x0000 0x0000000
2242690.1334: *0000000000f10000-0000000000f1ffff 0x0004/0x0004 0x0040000
2252690.1334: 0000000000f20000-0000000000f2ffff 0x0001/0x0000 0x0000000
2262690.1334: *0000000000f30000-0000000000f4afff 0x0002/0x0002 0x0040000
2272690.1334: 0000000000f4b000-0000000000f4ffff 0x0001/0x0000 0x0000000
2282690.1334: *0000000000f50000-0000000000f53fff 0x0002/0x0002 0x0040000
2292690.1334: 0000000000f54000-0000000000f5ffff 0x0001/0x0000 0x0000000
2302690.1334: *0000000000f60000-0000000000f61fff 0x0004/0x0004 0x0020000
2312690.1334: 0000000000f62000-0000000000f8ffff 0x0001/0x0000 0x0000000
2322690.1334: *0000000000f90000-0000000000f9efff 0x0004/0x0004 0x0020000
2332690.1334: 0000000000f9f000-0000000000f9ffff 0x0000/0x0004 0x0020000
2342690.1334: *0000000000fa0000-0000000000fa1fff 0x0004/0x0004 0x0020000
2352690.1334: 0000000000fa2000-0000000000fd1fff 0x0000/0x0004 0x0020000
2362690.1334: 0000000000fd2000-0000000000ffffff 0x0001/0x0000 0x0000000
2372690.1334: *0000000001000000-0000000001033fff 0x0000/0x0004 0x0020000
2382690.1334: 0000000001034000-0000000001036fff 0x0004/0x0004 0x0020000
2392690.1334: 0000000001037000-00000000011fffff 0x0000/0x0004 0x0020000
2402690.1334: *0000000001200000-00000000012b0fff 0x0000/0x0004 0x0020000
2412690.1334: 00000000012b1000-00000000012b3fff 0x0104/0x0004 0x0020000
2422690.1334: 00000000012b4000-00000000012fffff 0x0004/0x0004 0x0020000
2432690.1334: 0000000001300000-000000000137ffff 0x0001/0x0000 0x0000000
2442690.1334: *0000000001380000-0000000001384fff 0x0004/0x0004 0x0020000
2452690.1334: 0000000001385000-000000000147ffff 0x0000/0x0004 0x0020000
2462690.1334: *0000000001480000-0000000001546fff 0x0002/0x0002 0x0040000
2472690.1334: 0000000001547000-000000000154ffff 0x0001/0x0000 0x0000000
2482690.1334: *0000000001550000-0000000001557fff 0x0000/0x0004 0x0020000
2492690.1334: 0000000001558000-0000000001748fff 0x0004/0x0004 0x0020000
2502690.1334: 0000000001749000-0000000001749fff 0x0000/0x0004 0x0020000
2512690.1334: 000000000174a000-000000000174ffff 0x0001/0x0000 0x0000000
2522690.1334: *0000000001750000-000000000176cfff 0x0004/0x0004 0x0020000
2532690.1334: 000000000176d000-000000000184ffff 0x0000/0x0004 0x0020000
2542690.1334: 0000000001850000-000000007ffdffff 0x0001/0x0000 0x0000000
2552690.1334: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2562690.1334: *000000007ffe1000-000000007ffe1fff 0x0002/0x0002 0x0020000
2572690.1334: 000000007ffe2000-00007ff45dc9ffff 0x0001/0x0000 0x0000000
2582690.1334: *00007ff45dca0000-00007ff45dca4fff 0x0002/0x0002 0x0040000
2592690.1334: 00007ff45dca5000-00007ff45dd9ffff 0x0000/0x0002 0x0040000
2602690.1334: *00007ff45dda0000-00007ff55ddbffff 0x0000/0x0004 0x0020000
2612690.1334: *00007ff55ddc0000-00007ff55fdbffff 0x0000/0x0004 0x0020000
2622690.1334: 00007ff55fdc0000-00007ff55fdc0fff 0x0004/0x0004 0x0020000
2632690.1334: 00007ff55fdc1000-00007ff55fdcffff 0x0001/0x0000 0x0000000
2642690.1334: *00007ff55fdd0000-00007ff55fdd0fff 0x0002/0x0002 0x0040000
2652690.1334: 00007ff55fdd1000-00007ff55fddffff 0x0001/0x0000 0x0000000
2662690.1334: *00007ff55fde0000-00007ff55fe02fff 0x0002/0x0002 0x0040000
2672690.1334: 00007ff55fe03000-00007ff746e8ffff 0x0001/0x0000 0x0000000
2682690.1334: *00007ff746e90000-00007ff746e90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2692690.1334: 00007ff746e91000-00007ff746f05fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2702690.1334: 00007ff746f06000-00007ff746f06fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2712690.1334: 00007ff746f07000-00007ff746f4efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2722690.1334: 00007ff746f4f000-00007ff746f51fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2732690.1334: 00007ff746f52000-00007ff746f54fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2742690.1334: 00007ff746f55000-00007ff746f57fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2752690.1334: 00007ff746f58000-00007ff746f58fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2762690.1334: 00007ff746f59000-00007ff746f5afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2772690.1334: 00007ff746f5b000-00007ff746f5bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2782690.1334: 00007ff746f5c000-00007ff746fa4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
2792690.1334: 00007ff746fa5000-00007ffe4433ffff 0x0001/0x0000 0x0000000
2802690.1334: *00007ffe44340000-00007ffe44340fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
2812690.1334: 00007ffe44341000-00007ffe44445fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
2822690.1334: 00007ffe44446000-00007ffe445a7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
2832690.1334: 00007ffe445a8000-00007ffe445abfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
2842690.1334: 00007ffe445ac000-00007ffe445acfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
2852690.1334: 00007ffe445ad000-00007ffe445e2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
2862690.1334: 00007ffe445e3000-00007ffe4537ffff 0x0001/0x0000 0x0000000
2872690.1334: *00007ffe45380000-00007ffe45380fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2882690.1334: 00007ffe45381000-00007ffe453f5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2892690.1334: 00007ffe453f6000-00007ffe45427fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2902690.1334: 00007ffe45428000-00007ffe45428fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2912690.1334: 00007ffe45429000-00007ffe45429fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2922690.1334: 00007ffe4542a000-00007ffe45431fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2932690.1334: 00007ffe45432000-00007ffe46fbffff 0x0001/0x0000 0x0000000
2942690.1334: *00007ffe46fc0000-00007ffe46fc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2952690.1334: 00007ffe46fc1000-00007ffe470d7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2962690.1334: 00007ffe470d8000-00007ffe4711efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2972690.1334: 00007ffe4711f000-00007ffe4711ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2982690.1334: 00007ffe47120000-00007ffe47121fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
2992690.1334: 00007ffe47122000-00007ffe4712afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3002690.1334: 00007ffe4712b000-00007ffe471affff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3012690.1334: 00007ffe471b0000-00007ffffffeffff 0x0001/0x0000 0x0000000
3022690.1334: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
3032690.1334: kernelbase.dll: timestamp 0x83c3d83a (rc=VINF_SUCCESS)
3042690.1334: VirtualBoxVM.exe: timestamp 0x5d9f7c37 (rc=VINF_SUCCESS)
3052690.1334: '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe' has no imports
3062690.1334: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
3072690.1334: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
3082690.1334: '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe' has no imports
3092690.1334: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe)
3102690.1334: supR3HardNtEnableThreadCreationEx:
3112690.1334: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffe470317f0 pvNtTerminateThread=00007ffe4705cb10
3122690.1334: supR3HardenedWinDoReSpawn(1): New child 1f88.4e8 [kernel32].
3132690.1334: supR3HardNtChildGatherData: PebBaseAddress=0000000000de3000 cbPeb=0x388
3142690.1334: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffe46fc0000 uNtDllChildAddr=00007ffe46fc0000
3152690.1334: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffe470317f0
3162690.1334: supR3HardenedWinSetupChildInit: Start child.
3172690.1334: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
3182690.1334: supR3HardNtChildPurify: Startup delay kludge #1/0: 517 ms, 60 sleeps
3192690.1334: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
3202690.1334: *0000000000000000-0000000000b8ffff 0x0001/0x0000 0x0000000
3212690.1334: *0000000000b90000-0000000000baffff 0x0004/0x0004 0x0020000
3222690.1334: *0000000000bb0000-0000000000bcafff 0x0002/0x0002 0x0040000
3232690.1334: 0000000000bcb000-0000000000bcffff 0x0001/0x0000 0x0000000
3242690.1334: *0000000000bd0000-0000000000bd3fff 0x0002/0x0002 0x0040000
3252690.1334: 0000000000bd4000-0000000000bdffff 0x0001/0x0000 0x0000000
3262690.1334: *0000000000be0000-0000000000be1fff 0x0004/0x0004 0x0020000
3272690.1334: 0000000000be2000-0000000000bfffff 0x0001/0x0000 0x0000000
3282690.1334: *0000000000c00000-0000000000de2fff 0x0000/0x0004 0x0020000
3292690.1334: 0000000000de3000-0000000000de5fff 0x0004/0x0004 0x0020000
3302690.1334: 0000000000de6000-0000000000dfffff 0x0000/0x0004 0x0020000
3312690.1334: *0000000000e00000-0000000000efafff 0x0000/0x0004 0x0020000
3322690.1334: 0000000000efb000-0000000000efdfff 0x0104/0x0004 0x0020000
3332690.1334: 0000000000efe000-0000000000efffff 0x0004/0x0004 0x0020000
3342690.1334: 0000000000f00000-000000007ffdffff 0x0001/0x0000 0x0000000
3352690.1334: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
3362690.1334: *000000007ffe1000-000000007ffe1fff 0x0002/0x0002 0x0020000
3372690.1334: 000000007ffe2000-00007ff539caffff 0x0001/0x0000 0x0000000
3382690.1334: *00007ff539cb0000-00007ff539cb0fff 0x0002/0x0002 0x0040000
3392690.1334: 00007ff539cb1000-00007ff539cbffff 0x0001/0x0000 0x0000000
3402690.1334: *00007ff539cc0000-00007ff539ce2fff 0x0002/0x0002 0x0040000
3412690.1334: 00007ff539ce3000-00007ff746e8ffff 0x0001/0x0000 0x0000000
3422690.1334: *00007ff746e90000-00007ff746e90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3432690.1334: 00007ff746e91000-00007ff746f05fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3442690.1334: 00007ff746f06000-00007ff746f06fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3452690.1334: 00007ff746f07000-00007ff746f4efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3462690.1334: 00007ff746f4f000-00007ff746f4ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3472690.1334: 00007ff746f50000-00007ff746f50fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3482690.1334: 00007ff746f51000-00007ff746f55fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3492690.1334: 00007ff746f56000-00007ff746f56fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3502690.1334: 00007ff746f57000-00007ff746f57fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3512690.1334: 00007ff746f58000-00007ff746f5bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3522690.1334: 00007ff746f5c000-00007ff746fa4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3532690.1334: 00007ff746fa5000-00007ffe46fbffff 0x0001/0x0000 0x0000000
3542690.1334: *00007ffe46fc0000-00007ffe46fc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3552690.1334: 00007ffe46fc1000-00007ffe470d7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3562690.1334: 00007ffe470d8000-00007ffe4711efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3572690.1334: 00007ffe4711f000-00007ffe4712afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3582690.1334: 00007ffe4712b000-00007ffe47139fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3592690.1334: 00007ffe4713a000-00007ffe4713afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3602690.1334: 00007ffe4713b000-00007ffe4713dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3612690.1334: 00007ffe4713e000-00007ffe471affff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3622690.1334: 00007ffe471b0000-00007ffffffeffff 0x0001/0x0000 0x0000000
3632690.1334: supR3HardNtChildPurify: Done after 540 ms and 0 fixes (loop #0).
3641f88.4e8: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
3651f88.4e8: supR3HardenedVmProcessInit: uNtDllAddr=00007ffe46fc0000 g_uNtVerCombined=0xa047ba00
3661f88.4e8: ntdll.dll: timestamp 0x99ca0526 (rc=VINF_SUCCESS)
3671f88.4e8: New simple heap: #1 0000000001000000 LB 0x400000 (for 2031616 allocation)
3682690.1334: supR3HardNtEnableThreadCreationEx:
3691f88.4e8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\MeusProgs\VirtualBox'
3701f88.4e8: System32: \Device\HarddiskVolume4\Windows\System32
3711f88.4e8: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
3721f88.4e8: KnownDllPath: C:\Windows\System32
3731f88.4e8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
3741f88.4e8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3751f88.4e8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3761f88.4e8: Registered Dll notification callback with NTDLL.
3771f88.4e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
3781f88.4e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
3791f88.4e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
3801f88.4e8: supR3HardenedDllNotificationCallback: load 00007ffe44340000 LB 0x002a3000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
3811f88.4e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
3821f88.4e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
3831f88.4e8: supR3HardenedDllNotificationCallback: load 00007ffe45380000 LB 0x000b2000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
3841f88.4e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3851f88.4e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45380000 'C:\Windows\System32\KERNEL32.DLL'
3861f88.4e8: supR3HardenedDllNotificationCallback: load 00007ff746e90000 LB 0x00115000 C:\MeusProgs\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
3871f88.4e8: '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe' has no imports
3881f88.4e8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe)
3891f88.4e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
3901f88.4e8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffe470317f0 pvNtTerminateThread=00007ffe4705cb10
3912690.1334: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 87 ms.
3921f88.4e8: \SystemRoot\System32\ntdll.dll:
3931f88.4e8: CreationTime: 2019-10-09T01:36:29.202644000Z
3941f88.4e8: LastWriteTime: 2019-10-09T01:36:29.233892100Z
3951f88.4e8: ChangeTime: 2019-11-13T02:35:35.364972700Z
3961f88.4e8: FileAttributes: 0x20
3971f88.4e8: Size: 0x1e8528
3981f88.4e8: NT Headers: 0xd8
3991f88.4e8: Timestamp: 0x99ca0526
4001f88.4e8: Machine: 0x8664 - amd64
4011f88.4e8: Timestamp: 0x99ca0526
4021f88.4e8: Image Version: 10.0
4031f88.4e8: SizeOfImage: 0x1f0000 (2031616)
4041f88.4e8: Resource Dir: 0x17f000 LB 0x6f310
4051f88.4e8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4061f88.4e8: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
4071f88.4e8: ProductName: Microsoft® Windows® Operating System
4081f88.4e8: ProductVersion: 10.0.18362.418
4091f88.4e8: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
4101f88.4e8: FileDescription: NT Layer DLL
4111f88.4e8: \SystemRoot\System32\kernel32.dll:
4121f88.4e8: CreationTime: 2019-09-11T00:49:25.121987800Z
4131f88.4e8: LastWriteTime: 2019-09-11T00:49:25.153237900Z
4141f88.4e8: ChangeTime: 2019-11-13T02:35:35.193080500Z
4151f88.4e8: FileAttributes: 0x20
4161f88.4e8: Size: 0xb0570
4171f88.4e8: NT Headers: 0xe8
4181f88.4e8: Timestamp: 0xd0cecc10
4191f88.4e8: Machine: 0x8664 - amd64
4201f88.4e8: Timestamp: 0xd0cecc10
4211f88.4e8: Image Version: 10.0
4221f88.4e8: SizeOfImage: 0xb2000 (729088)
4231f88.4e8: Resource Dir: 0xb0000 LB 0x520
4241f88.4e8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4251f88.4e8: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
4261f88.4e8: ProductName: Microsoft® Windows® Operating System
4271f88.4e8: ProductVersion: 10.0.18362.329
4281f88.4e8: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
4291f88.4e8: FileDescription: Windows NT BASE API Client DLL
4301f88.4e8: \SystemRoot\System32\KernelBase.dll:
4311f88.4e8: CreationTime: 2019-11-13T02:35:10.754343700Z
4321f88.4e8: LastWriteTime: 2019-11-13T02:35:10.816861100Z
4331f88.4e8: ChangeTime: 2019-11-13T02:36:57.516037700Z
4341f88.4e8: FileAttributes: 0x20
4351f88.4e8: Size: 0x2a2908
4361f88.4e8: NT Headers: 0xf0
4371f88.4e8: Timestamp: 0x83c3d83a
4381f88.4e8: Machine: 0x8664 - amd64
4391f88.4e8: Timestamp: 0x83c3d83a
4401f88.4e8: Image Version: 10.0
4411f88.4e8: SizeOfImage: 0x2a3000 (2764800)
4421f88.4e8: Resource Dir: 0x27d000 LB 0x548
4431f88.4e8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4441f88.4e8: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
4451f88.4e8: ProductName: Microsoft® Windows® Operating System
4461f88.4e8: ProductVersion: 10.0.18362.476
4471f88.4e8: FileVersion: 10.0.18362.476 (WinBuild.160101.0800)
4481f88.4e8: FileDescription: Windows NT BASE API Client DLL
4491f88.4e8: \SystemRoot\System32\apisetschema.dll:
4501f88.4e8: CreationTime: 2019-03-19T04:43:54.837151500Z
4511f88.4e8: LastWriteTime: 2019-03-19T04:43:54.837151500Z
4521f88.4e8: ChangeTime: 2019-11-13T02:35:35.177454100Z
4531f88.4e8: FileAttributes: 0x20
4541f88.4e8: Size: 0x1d028
4551f88.4e8: NT Headers: 0xc8
4561f88.4e8: Timestamp: 0xd6ced080
4571f88.4e8: Machine: 0x8664 - amd64
4581f88.4e8: Timestamp: 0xd6ced080
4591f88.4e8: Image Version: 10.0
4601f88.4e8: SizeOfImage: 0x1e000 (122880)
4611f88.4e8: Resource Dir: 0x1d000 LB 0x408
4621f88.4e8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4631f88.4e8: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
4641f88.4e8: ProductName: Microsoft® Windows® Operating System
4651f88.4e8: ProductVersion: 10.0.18362.1
4661f88.4e8: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
4671f88.4e8: FileDescription: ApiSet Schema DLL
4681f88.4e8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
4691f88.4e8: supR3HardenedWinFindAdversaries: 0x40
4701f88.4e8: \SystemRoot\System32\drivers\klflt.sys:
4711f88.4e8: CreationTime: 2019-09-11T01:46:54.861439200Z
4721f88.4e8: LastWriteTime: 2019-10-31T03:07:58.189740800Z
4731f88.4e8: ChangeTime: 2019-10-31T03:07:58.189740800Z
4741f88.4e8: FileAttributes: 0x20
4751f88.4e8: Size: 0x3d678
4761f88.4e8: NT Headers: 0x100
4771f88.4e8: Timestamp: 0xddaa7cbc
4781f88.4e8: Machine: 0x8664 - amd64
4791f88.4e8: Timestamp: 0xddaa7cbc
4801f88.4e8: Image Version: 6.1
4811f88.4e8: SizeOfImage: 0x4a000 (303104)
4821f88.4e8: Resource Dir: 0x47000 LB 0x418
4831f88.4e8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4841f88.4e8: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
4851f88.4e8: ProductName: Coretech Delivery
4861f88.4e8: ProductVersion: 30.112.90.0
4871f88.4e8: FileVersion: 30.112.90.0
4881f88.4e8: FileDescription: Filter Core [fre_win7_amd64]
4891f88.4e8: \SystemRoot\System32\drivers\klif.sys:
4901f88.4e8: CreationTime: 2019-09-11T01:46:55.142665900Z
4911f88.4e8: LastWriteTime: 2019-10-31T03:07:18.219985900Z
4921f88.4e8: ChangeTime: 2019-10-31T03:07:18.219985900Z
4931f88.4e8: FileAttributes: 0x20
4941f88.4e8: Size: 0xf3a80
4951f88.4e8: NT Headers: 0xf8
4961f88.4e8: Timestamp: 0x5da6282c
4971f88.4e8: Machine: 0x8664 - amd64
4981f88.4e8: Timestamp: 0x5da6282c
4991f88.4e8: Image Version: 6.1
5001f88.4e8: SizeOfImage: 0xf4000 (999424)
5011f88.4e8: Resource Dir: 0xeb000 LB 0x33f8
5021f88.4e8: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
5031f88.4e8: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
5041f88.4e8: ProductName: Coretech Delivery
5051f88.4e8: ProductVersion: 30.112.90.0
5061f88.4e8: FileVersion: 30.112.90.0
5071f88.4e8: FileDescription: Core System Interceptors [fre_win7_amd64]
5081f88.4e8: \SystemRoot\System32\drivers\klim6.sys:
5091f88.4e8: CreationTime: 2019-03-19T10:21:06.000000000Z
5101f88.4e8: LastWriteTime: 2019-03-19T10:21:06.000000000Z
5111f88.4e8: ChangeTime: 2019-09-11T01:47:10.360437600Z
5121f88.4e8: FileAttributes: 0x20
5131f88.4e8: Size: 0xe350
5141f88.4e8: NT Headers: 0xe0
5151f88.4e8: Timestamp: 0x54ad405e
5161f88.4e8: Machine: 0x8664 - amd64
5171f88.4e8: Timestamp: 0x54ad405e
5181f88.4e8: Image Version: 6.1
5191f88.4e8: SizeOfImage: 0xb000 (45056)
5201f88.4e8: Resource Dir: 0x9000 LB 0x430
5211f88.4e8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5221f88.4e8: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
5231f88.4e8: ProductName: Coretech Delivery
5241f88.4e8: ProductVersion: 30.0.3724.0
5251f88.4e8: FileVersion: 30.0.3724.0
5261f88.4e8: FileDescription: Packet Network Filter [fre_win7_amd64]
5271f88.4e8: \SystemRoot\System32\drivers\klkbdflt.sys:
5281f88.4e8: CreationTime: 2019-03-18T05:11:30.000000000Z
5291f88.4e8: LastWriteTime: 2019-03-18T05:11:30.000000000Z
5301f88.4e8: ChangeTime: 2019-09-11T01:47:09.969813900Z
5311f88.4e8: FileAttributes: 0x20
5321f88.4e8: Size: 0x13550
5331f88.4e8: NT Headers: 0xf8
5341f88.4e8: Timestamp: 0x79cc11d7
5351f88.4e8: Machine: 0x8664 - amd64
5361f88.4e8: Timestamp: 0x79cc11d7
5371f88.4e8: Image Version: 6.1
5381f88.4e8: SizeOfImage: 0x12000 (73728)
5391f88.4e8: Resource Dir: 0x10000 LB 0x438
5401f88.4e8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5411f88.4e8: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
5421f88.4e8: ProductName: Coretech Delivery
5431f88.4e8: ProductVersion: 30.0.3716.0
5441f88.4e8: FileVersion: 30.0.3716.0
5451f88.4e8: FileDescription: Keyboard Device Filter [fre_win7_amd64]
5461f88.4e8: \SystemRoot\System32\drivers\klmouflt.sys:
5471f88.4e8: CreationTime: 2019-03-18T04:50:34.000000000Z
5481f88.4e8: LastWriteTime: 2019-03-18T04:50:34.000000000Z
5491f88.4e8: ChangeTime: 2019-09-11T01:47:09.907319300Z
5501f88.4e8: FileAttributes: 0x20
5511f88.4e8: Size: 0xe878
5521f88.4e8: NT Headers: 0xe8
5531f88.4e8: Timestamp: 0xab7b625
5541f88.4e8: Machine: 0x8664 - amd64
5551f88.4e8: Timestamp: 0xab7b625
5561f88.4e8: Image Version: 6.1
5571f88.4e8: SizeOfImage: 0xe000 (57344)
5581f88.4e8: Resource Dir: 0xc000 LB 0x430
5591f88.4e8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5601f88.4e8: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
5611f88.4e8: ProductName: Coretech Delivery
5621f88.4e8: ProductVersion: 30.0.3716.0
5631f88.4e8: FileVersion: 30.0.3716.0
5641f88.4e8: FileDescription: Mouse Device Filter [fre_win7_amd64]
5651f88.4e8: \SystemRoot\System32\drivers\kneps.sys:
5661f88.4e8: CreationTime: 2019-03-19T05:31:38.000000000Z
5671f88.4e8: LastWriteTime: 2019-03-19T05:31:38.000000000Z
5681f88.4e8: ChangeTime: 2019-09-11T01:47:09.579234900Z
5691f88.4e8: FileAttributes: 0x20
5701f88.4e8: Size: 0x38b50
5711f88.4e8: NT Headers: 0x108
5721f88.4e8: Timestamp: 0x7aa255dc
5731f88.4e8: Machine: 0x8664 - amd64
5741f88.4e8: Timestamp: 0x7aa255dc
5751f88.4e8: Image Version: 6.1
5761f88.4e8: SizeOfImage: 0x38000 (229376)
5771f88.4e8: Resource Dir: 0x35000 LB 0x428
5781f88.4e8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5791f88.4e8: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
5801f88.4e8: ProductName: Coretech Delivery
5811f88.4e8: ProductVersion: 30.0.3731.0
5821f88.4e8: FileVersion: 30.0.3731.0
5831f88.4e8: FileDescription: Network Processor [fre_win7_amd64]
5841f88.4e8: \SystemRoot\System32\klfphc.dll:
5851f88.4e8: CreationTime: 2019-09-11T01:47:08.829208200Z
5861f88.4e8: LastWriteTime: 2013-05-06T11:13:26.000000000Z
5871f88.4e8: ChangeTime: 2019-09-11T01:46:59.532960800Z
5881f88.4e8: FileAttributes: 0x20
5891f88.4e8: Size: 0x1ae60
5901f88.4e8: NT Headers: 0xe8
5911f88.4e8: Timestamp: 0x51873bf2
5921f88.4e8: Machine: 0x8664 - amd64
5931f88.4e8: Timestamp: 0x51873bf2
5941f88.4e8: Image Version: 0.0
5951f88.4e8: SizeOfImage: 0x1d000 (118784)
5961f88.4e8: Resource Dir: 0x18000 LB 0x3c80
5971f88.4e8: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
5981f88.4e8: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
5991f88.4e8: ProductName: Kaspersky™ Anti-Virus ®
6001f88.4e8: ProductVersion: 1.0.0.12
6011f88.4e8: FileVersion: 1.0.0.12
6021f88.4e8: FileDescription: Filtering Platform Helper Class
6031f88.4e8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\MeusProgs\VirtualBox'
6041f88.4e8: Calling main()
6051f88.4e8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
6061f88.4e8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\MeusProgs\VirtualBox'
6071f88.4e8: '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe' has no imports
6081f88.4e8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe)
6091f88.4e8: SUPR3HardenedMain: Respawn #2
6101f88.4e8: supR3HardNtEnableThreadCreationEx:
6111f88.4e8: supR3HardenedDllNotificationCallback: load 00007ffe46360000 LB 0x00120000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
6121f88.4e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
6131f88.4e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
6141f88.4e8: supR3HardenedDllNotificationCallback: load 00007ffe46eb0000 LB 0x00097000 C:\Windows\System32\sechost.dll [fFlags=0x0]
6151f88.4e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
6161f88.4e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
6171f88.4e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
6181f88.4e8: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
6191f88.4e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll)
6201f88.4e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6211f88.4e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6221f88.4e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6231f88.4e8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6241f88.4e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6251f88.4e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46fc0000 'C:\Windows\System32\ntdll.dll'
6261f88.4e8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffe470317f0 pvNtTerminateThread=00007ffe4705cb10
6271f88.4e8: supR3HardenedWinDoReSpawn(2): New child 2474.29fc [kernel32].
6281f88.4e8: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
6291f88.4e8: supR3HardNtChildGatherData: PebBaseAddress=0000000000b61000 cbPeb=0x388
6301f88.4e8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffe46fc0000 uNtDllChildAddr=00007ffe46fc0000
6311f88.4e8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffe470317f0
6321f88.4e8: supR3HardenedWinSetupChildInit: Start child.
6331f88.4e8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
6341f88.4e8: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 60 sleeps
6351f88.4e8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
6361f88.4e8: *0000000000000000-000000000084ffff 0x0001/0x0000 0x0000000
6371f88.4e8: *0000000000850000-000000000086ffff 0x0004/0x0004 0x0020000
6381f88.4e8: *0000000000870000-000000000088afff 0x0002/0x0002 0x0040000
6391f88.4e8: 000000000088b000-000000000088ffff 0x0001/0x0000 0x0000000
6401f88.4e8: *0000000000890000-000000000098afff 0x0000/0x0004 0x0020000
6411f88.4e8: 000000000098b000-000000000098dfff 0x0104/0x0004 0x0020000
6421f88.4e8: 000000000098e000-000000000098ffff 0x0004/0x0004 0x0020000
6431f88.4e8: *0000000000990000-0000000000993fff 0x0002/0x0002 0x0040000
6441f88.4e8: 0000000000994000-000000000099ffff 0x0001/0x0000 0x0000000
6451f88.4e8: *00000000009a0000-00000000009a1fff 0x0004/0x0004 0x0020000
6461f88.4e8: 00000000009a2000-00000000009fffff 0x0001/0x0000 0x0000000
6471f88.4e8: *0000000000a00000-0000000000b60fff 0x0000/0x0004 0x0020000
6481f88.4e8: 0000000000b61000-0000000000b63fff 0x0004/0x0004 0x0020000
6491f88.4e8: 0000000000b64000-0000000000bfffff 0x0000/0x0004 0x0020000
6501f88.4e8: 0000000000c00000-000000007ffdffff 0x0001/0x0000 0x0000000
6511f88.4e8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
6521f88.4e8: *000000007ffe1000-000000007ffe1fff 0x0002/0x0002 0x0020000
6531f88.4e8: 000000007ffe2000-00007ff5f1abffff 0x0001/0x0000 0x0000000
6541f88.4e8: *00007ff5f1ac0000-00007ff5f1ac0fff 0x0002/0x0002 0x0040000
6551f88.4e8: 00007ff5f1ac1000-00007ff5f1acffff 0x0001/0x0000 0x0000000
6561f88.4e8: *00007ff5f1ad0000-00007ff5f1af2fff 0x0002/0x0002 0x0040000
6571f88.4e8: 00007ff5f1af3000-00007ff746e8ffff 0x0001/0x0000 0x0000000
6581f88.4e8: *00007ff746e90000-00007ff746e90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6591f88.4e8: 00007ff746e91000-00007ff746f05fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6601f88.4e8: 00007ff746f06000-00007ff746f06fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6611f88.4e8: 00007ff746f07000-00007ff746f4efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6621f88.4e8: 00007ff746f4f000-00007ff746f4ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6631f88.4e8: 00007ff746f50000-00007ff746f50fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6641f88.4e8: 00007ff746f51000-00007ff746f55fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6651f88.4e8: 00007ff746f56000-00007ff746f56fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6661f88.4e8: 00007ff746f57000-00007ff746f57fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6671f88.4e8: 00007ff746f58000-00007ff746f5bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6681f88.4e8: 00007ff746f5c000-00007ff746fa4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
6691f88.4e8: 00007ff746fa5000-00007ffe46fbffff 0x0001/0x0000 0x0000000
6701f88.4e8: *00007ffe46fc0000-00007ffe46fc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6711f88.4e8: 00007ffe46fc1000-00007ffe470d7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6721f88.4e8: 00007ffe470d8000-00007ffe4711efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6731f88.4e8: 00007ffe4711f000-00007ffe4712afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6741f88.4e8: 00007ffe4712b000-00007ffe47139fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6751f88.4e8: 00007ffe4713a000-00007ffe4713afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6761f88.4e8: 00007ffe4713b000-00007ffe4713dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6771f88.4e8: 00007ffe4713e000-00007ffe471affff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
6781f88.4e8: 00007ffe471b0000-00007ffffffeffff 0x0001/0x0000 0x0000000
6791f88.4e8: VirtualBoxVM.exe: timestamp 0x5d9f7c37 (rc=VINF_SUCCESS)
6801f88.4e8: '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe' has no imports
6811f88.4e8: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
6821f88.4e8: supR3HardNtChildPurify: Done after 578 ms and 0 fixes (loop #0).
6832474.29fc: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
6842474.29fc: supR3HardenedVmProcessInit: uNtDllAddr=00007ffe46fc0000 g_uNtVerCombined=0xa047ba00
6851f88.4e8: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001000000 LB 0x400000)
6862474.29fc: ntdll.dll: timestamp 0x99ca0526 (rc=VINF_SUCCESS)
6872474.29fc: New simple heap: #1 0000000000d00000 LB 0x400000 (for 2031616 allocation)
6881f88.4e8: supR3HardNtEnableThreadCreationEx:
6892474.29fc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\MeusProgs\VirtualBox'
6902474.29fc: System32: \Device\HarddiskVolume4\Windows\System32
6912474.29fc: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
6922474.29fc: KnownDllPath: C:\Windows\System32
6932474.29fc: supR3HardenedVmProcessInit: Opening vboxdrv...
6942474.29fc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
6952474.29fc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
6962474.29fc: Registered Dll notification callback with NTDLL.
6972474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
6982474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
6992474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
7002474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe44340000 LB 0x002a3000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
7012474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
7022474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
7032474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe45380000 LB 0x000b2000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
7042474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
7052474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45380000 'C:\Windows\System32\KERNEL32.DLL'
7062474.29fc: supR3HardenedDllNotificationCallback: load 00007ff746e90000 LB 0x00115000 C:\MeusProgs\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
7072474.29fc: '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe' has no imports
7082474.29fc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe)
7092474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe
7102474.29fc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffe470317f0 pvNtTerminateThread=00007ffe4705cb10
7111f88.4e8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 84 ms.
7122474.29fc: \SystemRoot\System32\ntdll.dll:
7132474.29fc: CreationTime: 2019-10-09T01:36:29.202644000Z
7142474.29fc: LastWriteTime: 2019-10-09T01:36:29.233892100Z
7152474.29fc: ChangeTime: 2019-11-13T02:35:35.364972700Z
7162474.29fc: FileAttributes: 0x20
7172474.29fc: Size: 0x1e8528
7182474.29fc: NT Headers: 0xd8
7192474.29fc: Timestamp: 0x99ca0526
7202474.29fc: Machine: 0x8664 - amd64
7212474.29fc: Timestamp: 0x99ca0526
7222474.29fc: Image Version: 10.0
7232474.29fc: SizeOfImage: 0x1f0000 (2031616)
7242474.29fc: Resource Dir: 0x17f000 LB 0x6f310
7252474.29fc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
7262474.29fc: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
7272474.29fc: ProductName: Microsoft® Windows® Operating System
7282474.29fc: ProductVersion: 10.0.18362.418
7292474.29fc: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
7302474.29fc: FileDescription: NT Layer DLL
7312474.29fc: \SystemRoot\System32\kernel32.dll:
7322474.29fc: CreationTime: 2019-09-11T00:49:25.121987800Z
7332474.29fc: LastWriteTime: 2019-09-11T00:49:25.153237900Z
7342474.29fc: ChangeTime: 2019-11-13T02:35:35.193080500Z
7352474.29fc: FileAttributes: 0x20
7362474.29fc: Size: 0xb0570
7372474.29fc: NT Headers: 0xe8
7382474.29fc: Timestamp: 0xd0cecc10
7392474.29fc: Machine: 0x8664 - amd64
7402474.29fc: Timestamp: 0xd0cecc10
7412474.29fc: Image Version: 10.0
7422474.29fc: SizeOfImage: 0xb2000 (729088)
7432474.29fc: Resource Dir: 0xb0000 LB 0x520
7442474.29fc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
7452474.29fc: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
7462474.29fc: ProductName: Microsoft® Windows® Operating System
7472474.29fc: ProductVersion: 10.0.18362.329
7482474.29fc: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
7492474.29fc: FileDescription: Windows NT BASE API Client DLL
7502474.29fc: \SystemRoot\System32\KernelBase.dll:
7512474.29fc: CreationTime: 2019-11-13T02:35:10.754343700Z
7522474.29fc: LastWriteTime: 2019-11-13T02:35:10.816861100Z
7532474.29fc: ChangeTime: 2019-11-13T02:36:57.516037700Z
7542474.29fc: FileAttributes: 0x20
7552474.29fc: Size: 0x2a2908
7562474.29fc: NT Headers: 0xf0
7572474.29fc: Timestamp: 0x83c3d83a
7582474.29fc: Machine: 0x8664 - amd64
7592474.29fc: Timestamp: 0x83c3d83a
7602474.29fc: Image Version: 10.0
7612474.29fc: SizeOfImage: 0x2a3000 (2764800)
7622474.29fc: Resource Dir: 0x27d000 LB 0x548
7632474.29fc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
7642474.29fc: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
7652474.29fc: ProductName: Microsoft® Windows® Operating System
7662474.29fc: ProductVersion: 10.0.18362.476
7672474.29fc: FileVersion: 10.0.18362.476 (WinBuild.160101.0800)
7682474.29fc: FileDescription: Windows NT BASE API Client DLL
7692474.29fc: \SystemRoot\System32\apisetschema.dll:
7702474.29fc: CreationTime: 2019-03-19T04:43:54.837151500Z
7712474.29fc: LastWriteTime: 2019-03-19T04:43:54.837151500Z
7722474.29fc: ChangeTime: 2019-11-13T02:35:35.177454100Z
7732474.29fc: FileAttributes: 0x20
7742474.29fc: Size: 0x1d028
7752474.29fc: NT Headers: 0xc8
7762474.29fc: Timestamp: 0xd6ced080
7772474.29fc: Machine: 0x8664 - amd64
7782474.29fc: Timestamp: 0xd6ced080
7792474.29fc: Image Version: 10.0
7802474.29fc: SizeOfImage: 0x1e000 (122880)
7812474.29fc: Resource Dir: 0x1d000 LB 0x408
7822474.29fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7832474.29fc: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
7842474.29fc: ProductName: Microsoft® Windows® Operating System
7852474.29fc: ProductVersion: 10.0.18362.1
7862474.29fc: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
7872474.29fc: FileDescription: ApiSet Schema DLL
7882474.29fc: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7892474.29fc: supR3HardenedWinFindAdversaries: 0x40
7902474.29fc: \SystemRoot\System32\drivers\klflt.sys:
7912474.29fc: CreationTime: 2019-09-11T01:46:54.861439200Z
7922474.29fc: LastWriteTime: 2019-10-31T03:07:58.189740800Z
7932474.29fc: ChangeTime: 2019-10-31T03:07:58.189740800Z
7942474.29fc: FileAttributes: 0x20
7952474.29fc: Size: 0x3d678
7962474.29fc: NT Headers: 0x100
7972474.29fc: Timestamp: 0xddaa7cbc
7982474.29fc: Machine: 0x8664 - amd64
7992474.29fc: Timestamp: 0xddaa7cbc
8002474.29fc: Image Version: 6.1
8012474.29fc: SizeOfImage: 0x4a000 (303104)
8022474.29fc: Resource Dir: 0x47000 LB 0x418
8032474.29fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8042474.29fc: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
8052474.29fc: ProductName: Coretech Delivery
8062474.29fc: ProductVersion: 30.112.90.0
8072474.29fc: FileVersion: 30.112.90.0
8082474.29fc: FileDescription: Filter Core [fre_win7_amd64]
8092474.29fc: \SystemRoot\System32\drivers\klif.sys:
8102474.29fc: CreationTime: 2019-09-11T01:46:55.142665900Z
8112474.29fc: LastWriteTime: 2019-10-31T03:07:18.219985900Z
8122474.29fc: ChangeTime: 2019-10-31T03:07:18.219985900Z
8132474.29fc: FileAttributes: 0x20
8142474.29fc: Size: 0xf3a80
8152474.29fc: NT Headers: 0xf8
8162474.29fc: Timestamp: 0x5da6282c
8172474.29fc: Machine: 0x8664 - amd64
8182474.29fc: Timestamp: 0x5da6282c
8192474.29fc: Image Version: 6.1
8202474.29fc: SizeOfImage: 0xf4000 (999424)
8212474.29fc: Resource Dir: 0xeb000 LB 0x33f8
8222474.29fc: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
8232474.29fc: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
8242474.29fc: ProductName: Coretech Delivery
8252474.29fc: ProductVersion: 30.112.90.0
8262474.29fc: FileVersion: 30.112.90.0
8272474.29fc: FileDescription: Core System Interceptors [fre_win7_amd64]
8282474.29fc: \SystemRoot\System32\drivers\klim6.sys:
8292474.29fc: CreationTime: 2019-03-19T10:21:06.000000000Z
8302474.29fc: LastWriteTime: 2019-03-19T10:21:06.000000000Z
8312474.29fc: ChangeTime: 2019-09-11T01:47:10.360437600Z
8322474.29fc: FileAttributes: 0x20
8332474.29fc: Size: 0xe350
8342474.29fc: NT Headers: 0xe0
8352474.29fc: Timestamp: 0x54ad405e
8362474.29fc: Machine: 0x8664 - amd64
8372474.29fc: Timestamp: 0x54ad405e
8382474.29fc: Image Version: 6.1
8392474.29fc: SizeOfImage: 0xb000 (45056)
8402474.29fc: Resource Dir: 0x9000 LB 0x430
8412474.29fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8422474.29fc: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
8432474.29fc: ProductName: Coretech Delivery
8442474.29fc: ProductVersion: 30.0.3724.0
8452474.29fc: FileVersion: 30.0.3724.0
8462474.29fc: FileDescription: Packet Network Filter [fre_win7_amd64]
8472474.29fc: \SystemRoot\System32\drivers\klkbdflt.sys:
8482474.29fc: CreationTime: 2019-03-18T05:11:30.000000000Z
8492474.29fc: LastWriteTime: 2019-03-18T05:11:30.000000000Z
8502474.29fc: ChangeTime: 2019-09-11T01:47:09.969813900Z
8512474.29fc: FileAttributes: 0x20
8522474.29fc: Size: 0x13550
8532474.29fc: NT Headers: 0xf8
8542474.29fc: Timestamp: 0x79cc11d7
8552474.29fc: Machine: 0x8664 - amd64
8562474.29fc: Timestamp: 0x79cc11d7
8572474.29fc: Image Version: 6.1
8582474.29fc: SizeOfImage: 0x12000 (73728)
8592474.29fc: Resource Dir: 0x10000 LB 0x438
8602474.29fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8612474.29fc: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
8622474.29fc: ProductName: Coretech Delivery
8632474.29fc: ProductVersion: 30.0.3716.0
8642474.29fc: FileVersion: 30.0.3716.0
8652474.29fc: FileDescription: Keyboard Device Filter [fre_win7_amd64]
8662474.29fc: \SystemRoot\System32\drivers\klmouflt.sys:
8672474.29fc: CreationTime: 2019-03-18T04:50:34.000000000Z
8682474.29fc: LastWriteTime: 2019-03-18T04:50:34.000000000Z
8692474.29fc: ChangeTime: 2019-09-11T01:47:09.907319300Z
8702474.29fc: FileAttributes: 0x20
8712474.29fc: Size: 0xe878
8722474.29fc: NT Headers: 0xe8
8732474.29fc: Timestamp: 0xab7b625
8742474.29fc: Machine: 0x8664 - amd64
8752474.29fc: Timestamp: 0xab7b625
8762474.29fc: Image Version: 6.1
8772474.29fc: SizeOfImage: 0xe000 (57344)
8782474.29fc: Resource Dir: 0xc000 LB 0x430
8792474.29fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8802474.29fc: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
8812474.29fc: ProductName: Coretech Delivery
8822474.29fc: ProductVersion: 30.0.3716.0
8832474.29fc: FileVersion: 30.0.3716.0
8842474.29fc: FileDescription: Mouse Device Filter [fre_win7_amd64]
8852474.29fc: \SystemRoot\System32\drivers\kneps.sys:
8862474.29fc: CreationTime: 2019-03-19T05:31:38.000000000Z
8872474.29fc: LastWriteTime: 2019-03-19T05:31:38.000000000Z
8882474.29fc: ChangeTime: 2019-09-11T01:47:09.579234900Z
8892474.29fc: FileAttributes: 0x20
8902474.29fc: Size: 0x38b50
8912474.29fc: NT Headers: 0x108
8922474.29fc: Timestamp: 0x7aa255dc
8932474.29fc: Machine: 0x8664 - amd64
8942474.29fc: Timestamp: 0x7aa255dc
8952474.29fc: Image Version: 6.1
8962474.29fc: SizeOfImage: 0x38000 (229376)
8972474.29fc: Resource Dir: 0x35000 LB 0x428
8982474.29fc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8992474.29fc: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
9002474.29fc: ProductName: Coretech Delivery
9012474.29fc: ProductVersion: 30.0.3731.0
9022474.29fc: FileVersion: 30.0.3731.0
9032474.29fc: FileDescription: Network Processor [fre_win7_amd64]
9042474.29fc: \SystemRoot\System32\klfphc.dll:
9052474.29fc: CreationTime: 2019-09-11T01:47:08.829208200Z
9062474.29fc: LastWriteTime: 2013-05-06T11:13:26.000000000Z
9072474.29fc: ChangeTime: 2019-09-11T01:46:59.532960800Z
9082474.29fc: FileAttributes: 0x20
9092474.29fc: Size: 0x1ae60
9102474.29fc: NT Headers: 0xe8
9112474.29fc: Timestamp: 0x51873bf2
9122474.29fc: Machine: 0x8664 - amd64
9132474.29fc: Timestamp: 0x51873bf2
9142474.29fc: Image Version: 0.0
9152474.29fc: SizeOfImage: 0x1d000 (118784)
9162474.29fc: Resource Dir: 0x18000 LB 0x3c80
9172474.29fc: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
9182474.29fc: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
9192474.29fc: ProductName: Kaspersky™ Anti-Virus ®
9202474.29fc: ProductVersion: 1.0.0.12
9212474.29fc: FileVersion: 1.0.0.12
9222474.29fc: FileDescription: Filtering Platform Helper Class
9232474.29fc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\MeusProgs\VirtualBox'
9242474.29fc: Calling main()
9252474.29fc: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
9262474.29fc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\MeusProgs\VirtualBox'
9272474.29fc: '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe' has no imports
9282474.29fc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe)
9292474.29fc: SUPR3HardenedMain: Final process, opening VBoxDrv...
9302474.29fc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000d00000 LB 0x400000)
9312474.29fc: supR3HardNtEnableThreadCreationEx:
9322474.29fc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSupLib.dll)
9332474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSupLib.dll
9342474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9352474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
9362474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe3ea20000 LB 0x00005000 C:\MeusProgs\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
9372474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
9382474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
9392474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9402474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3ea20000 'C:\MeusProgs\VirtualBox\VBoxSupLib.DLL'
9412474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
9422474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9432474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3ea20000 'C:\MeusProgs\VirtualBox\VBoxSupLib.DLL'
9442474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3ea20000 'C:\MeusProgs\VirtualBox\VBoxSupLib.DLL'
9452474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9462474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
9472474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
9482474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
9492474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
9502474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
9512474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9522474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9532474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
9542474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
9552474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
9562474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
9572474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'msasn1.dll'.
9582474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
9592474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
9602474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
9612474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
9622474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
9632474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
9642474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9652474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
9662474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
9672474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
9682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
9692474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
9702474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
9712474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9722474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe45a40000 LB 0x0009e000 C:\Windows\System32\msvcrt.dll [fFlags=0x0]
9732474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
9742474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe43f00000 LB 0x00012000 C:\Windows\System32\MSASN1.dll [fFlags=0x0]
9752474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
9762474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe445f0000 LB 0x000fa000 C:\Windows\System32\ucrtbase.dll [fFlags=0x0]
9772474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll)
9782474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll
9792474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe440c0000 LB 0x00149000 C:\Windows\System32\CRYPT32.dll [fFlags=0x0]
9802474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
9812474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe46360000 LB 0x00120000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
9822474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
9832474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe44fe0000 LB 0x0005c000 C:\Windows\System32\Wintrust.dll [fFlags=0x0]
9842474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
9852474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
9862474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9872474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-synch-l1-2-0'
9882474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
9892474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9902474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-fibers-l1-1-1'
9912474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
9922474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9932474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-fibers-l1-1-1'
9942474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
9952474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9962474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-synch-l1-2-0'
9972474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
9982474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9992474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-localization-l1-2-1'
10002474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44fe0000 'C:\Windows\system32\Wintrust.dll'
10012474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
10022474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
10032474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10042474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe44310000 LB 0x00026000 C:\Windows\System32\bcrypt.dll [fFlags=0x0]
10052474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
10062474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44310000 'C:\Windows\system32\bcrypt.dll'
10072474.29fc: bcrypt.dll loaded at 00007ffe44310000, BCryptOpenAlgorithmProvider at 00007ffe44314c70, preloading providers:
10082474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
10092474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
10102474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10112474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe44710000 LB 0x00080000 C:\Windows\System32\bcryptprimitives.dll [fFlags=0x0]
10122474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
10132474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44710000 'C:\Windows\system32\bcryptprimitives.dll'
10142474.29fc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000011eb920)
10152474.29fc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000011eeae0)
10162474.29fc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000011eede0)
10172474.29fc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000011ef0e0)
10182474.29fc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000011ef3e0)
10192474.29fc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000011ef6e0)
10202474.29fc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000011ef9e0)
10212474.29fc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000011f00f0)
10222474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe446f0000 LB 0x00017000 C:\Windows\System32\CRYPTSP.dll [fFlags=0x0]
10232474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
10242474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
10252474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
10262474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
10272474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
10282474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
10292474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
10302474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
10312474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10322474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
10332474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe431a0000 LB 0x00033000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
10342474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
10352474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
10362474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
10372474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
10382474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
10392474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe437a0000 LB 0x0000c000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
10402474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
10412474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
10422474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
10432474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
10442474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
10452474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10462474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45380000 'C:\Windows\System32\kernel32.dll'
10472474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10482474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10492474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44fe0000 'C:\Windows\System32\WINTRUST.DLL'
10502474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
10512474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
10522474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\CRYPT32.dll'
10532474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe45ae0000 LB 0x0001d000 C:\Windows\System32\imagehlp.dll [fFlags=0x0]
10542474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
10552474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
10562474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
10572474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
10582474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10592474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10602474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10612474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10622474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
10632474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe46eb0000 LB 0x00097000 C:\Windows\System32\sechost.dll [fFlags=0x0]
10642474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
10652474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
10662474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
10672474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10682474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
10692474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
10702474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
10712474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe42a40000 LB 0x00022000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
10722474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
10732474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe43ee0000 LB 0x0001f000 C:\Windows\System32\profapi.dll [fFlags=0x0]
10742474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
10752474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
10762474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10772474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
10782474.29fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
10792474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
10802474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
10812474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
10822474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
10832474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10842474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10852474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10862474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10872474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10882474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10892474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10902474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10912474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10922474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10932474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10942474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10952474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10962474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10972474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe3e250000 LB 0x0002f000 C:\Windows\System32\cryptnet.dll [fFlags=0x0]
10982474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
10992474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11002474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11012474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11022474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11032474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11042474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11052474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11062474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11072474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11082474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11092474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11102474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11112474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11122474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11132474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11142474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11152474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11162474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11172474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11182474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11192474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11202474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11212474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11222474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11232474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11242474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11252474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11262474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11272474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11282474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11292474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3e250000 'C:\Windows\System32\cryptnet.dll'
11302474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe452d0000 LB 0x000a3000 C:\Windows\System32\advapi32.dll [fFlags=0x0]
11312474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11322474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
11332474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
11342474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
11352474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
11362474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11372474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11382474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11392474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11402474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
11412474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
11422474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
11432474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11442474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11452474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11462474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11472474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
11482474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
11492474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11502474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
11512474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
11522474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000001243580
11532474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
11542474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E42142C43484BA84DDDB10D97303487D47E882DE
11552474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11562474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11572474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46360000 'C:\Windows\System32\rpcrt4.dll'
11582474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11592474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11602474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
11612474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
11622474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11632474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
11642474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\SystemRoot\System32\ntdll.dll'
11652474.29fc: g_pfnWinVerifyTrust=00007ffe44fe61f0
11662474.29fc: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
11672474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11682474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11692474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
11702474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
11712474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11722474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
11732474.29fc: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
11742474.29fc: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
11752474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11762474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11772474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
11782474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
11792474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11802474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
11812474.29fc: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
11822474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11832474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11842474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
11852474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
11862474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
11872474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000394 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
11882474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
11892474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
11902474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
11912474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11922474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
11932474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
11942474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
11952474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
11962474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
11972474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11982474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
11992474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12002474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
12012474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12022474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12032474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12042474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
12052474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12062474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12072474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12082474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
12092474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12102474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12112474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12122474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
12132474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12142474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12152474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12162474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
12172474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12182474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12192474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
12202474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12212474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12222474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
12232474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
12242474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12252474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12262474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12272474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
12282474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12292474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12302474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
12312474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12322474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12332474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
12342474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12352474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12362474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll'
12372474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12382474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12392474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
12402474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12412474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12422474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
12432474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12442474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12452474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
12462474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12472474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSupLib.dll'
12482474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12492474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.exe'
12502474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12512474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12522474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
12532474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
12542474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
12552474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
12562474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\system32\crypt32.dll'
12572474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
12582474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
12592474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
12602474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
12612474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
12622474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
12632474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x90ae99396915c600 O=AO Kaspersky Lab, CN=Kaspersky Anti-Virus Personal Root Certificate
12642474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
12652474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
12662474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
12672474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
12682474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
12692474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x5d213e487856186f CN=DESKTOP-P3VL5IK
12702474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
12712474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
12722474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
12732474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
12742474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
12752474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
12762474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
12772474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
12782474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
12792474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
12802474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
12812474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
12822474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
12832474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
12842474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
12852474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
12862474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
12872474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xef477acf4ab2d300 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009
12882474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
12892474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
12902474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
12912474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x30669a4e82fa800 C=US, O=America Online Inc., CN=America Online Root Certification Authority 1
12922474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
12932474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
12942474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
12952474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
12962474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
12972474.29fc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
12982474.29fc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=41
12992474.29fc: SUPR3HardenedMain: Load Runtime...
13002474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
13012474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
13022474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
13032474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
13042474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
13052474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll) WinVerifyTrust
13062474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13072474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
13082474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
13092474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
13102474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
13112474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
13122474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) WinVerifyTrust
13132474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
13142474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13152474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13162474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
13172474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13182474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13192474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13202474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13212474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
13222474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
13232474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
13242474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll) WinVerifyTrust
13252474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
13262474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13272474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13282474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13292474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13302474.29fc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll'.
13312474.29fc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll)
13322474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll
13332474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
13342474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll) WinVerifyTrust
13352474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
13362474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13372474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
13382474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
13392474.29fc: supR3HardenedDllNotificationCallback: load 000000006f560000 LB 0x000d2000 C:\MeusProgs\VirtualBox\MSVCR100.dll [fFlags=0x0]
13402474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
13412474.29fc: supR3HardenedDllNotificationCallback: load 000000006e9e0000 LB 0x00098000 C:\MeusProgs\VirtualBox\MSVCP100.dll [fFlags=0x0]
13422474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
13432474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe459d0000 LB 0x0006f000 C:\Windows\System32\WS2_32.dll [fFlags=0x0]
13442474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
13452474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe23000000 LB 0x005e2000 C:\MeusProgs\VirtualBox\VBoxRT.dll [fFlags=0x0]
13462474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13472474.29fc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll'.
13482474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rescheduled]
13492474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13502474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13512474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13522474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13532474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13542474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13552474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13562474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13572474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13582474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13592474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13602474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13612474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13622474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13632474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13642474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13652474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13662474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13672474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13682474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13692474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13702474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13712474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13722474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13732474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13742474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13752474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13762474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13772474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13782474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13792474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13802474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13812474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13822474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13832474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13842474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13852474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13862474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13872474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13882474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13892474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13902474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13912474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13922474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxRT.dll
13932474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13942474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13952474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13962474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13972474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23000000 'C:\MeusProgs\VirtualBox\VBoxRT.dll'
13982474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll
13992474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
14002474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44fe0000 'C:\Windows\system32\Wintrust.dll'
14012474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
14022474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
14032474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
14042474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14052474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
14062474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
14072474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\system32\crypt32.dll'
14082474.29fc: SUPR3HardenedMain: Load TrustedMain...
14092474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
14102474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
14112474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxglobal.dll'.
14122474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
14132474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
14142474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
14152474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
14162474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
14172474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
14182474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
14192474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
14202474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
14212474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
14222474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
14232474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
14242474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.dll
14252474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
14262474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
14272474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
14282474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
14292474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
14302474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
14312474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) WinVerifyTrust
14322474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
14332474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
14342474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
14352474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14362474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14372474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
14382474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
14392474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
14402474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
14412474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14422474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
14432474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
14442474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14452474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14462474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
14472474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
14482474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
14492474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14502474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
14512474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
14522474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
14532474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
14542474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) WinVerifyTrust
14552474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
14562474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14572474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
14582474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14592474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14602474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
14612474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
14622474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
14632474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
14642474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'bcryptprimitives.dll'.
14652474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
14662474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
14672474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
14682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
14692474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
14702474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll)
14712474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
14722474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
14732474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
14742474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
14752474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14762474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14772474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
14782474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
14792474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
14802474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
14812474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
14822474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
14832474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) WinVerifyTrust
14842474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
14852474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14862474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14872474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
14882474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
14892474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
14902474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14912474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14922474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
14932474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
14942474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
14952474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
14962474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
14972474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14982474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14992474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
15002474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
15012474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
15022474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
15032474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15042474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15052474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15062474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15072474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
15082474.29fc: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports
15092474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll)
15102474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll
15112474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15122474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15132474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15142474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15152474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15162474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
15172474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
15182474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
15192474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
15202474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
15212474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) WinVerifyTrust
15222474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
15232474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
15242474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15252474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15262474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15272474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15282474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15292474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
15302474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
15312474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
15322474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
15332474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
15342474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
15352474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
15362474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5OpenGLVBox.dll
15372474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
15382474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
15392474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15402474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15412474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
15422474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15432474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15442474.29fc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll'.
15452474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15462474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
15472474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
15482474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
15492474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
15502474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
15512474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
15522474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
15532474.29fc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll)
15542474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll
15552474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15562474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15572474.29fc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll'.
15582474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
15592474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
15602474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
15612474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
15622474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
15632474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
15642474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
15652474.29fc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll)
15662474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll
15672474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
15682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
15692474.29fc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll'.
15702474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
15712474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15722474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
15732474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
15742474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
15752474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
15762474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
15772474.29fc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll)
15782474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll
15792474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15802474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15812474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
15822474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15832474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15842474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
15852474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15862474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
15872474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
15882474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
15892474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
15902474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
15912474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
15922474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15932474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15942474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
15952474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15962474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15972474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
15982474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15992474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16002474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
16012474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16022474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16032474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
16042474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16052474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16062474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
16072474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16082474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
16092474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
16102474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16112474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16122474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
16132474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16142474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16152474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
16162474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16172474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16182474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
16192474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
16202474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
16212474.29fc: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
16222474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16232474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
16242474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
16252474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
16262474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
16272474.29fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
16282474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
16292474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16302474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16312474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
16322474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16332474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16342474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
16352474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16362474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
16372474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
16382474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
16392474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
16402474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
16412474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll)
16422474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll
16432474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
16442474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
16452474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
16462474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16472474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
16482474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
16492474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16502474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16512474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
16522474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
16532474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
16542474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
16552474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16562474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16572474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
16582474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
16592474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
16602474.29fc: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
16612474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16622474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
16632474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
16642474.29fc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
16652474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
16662474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16672474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16682474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
16692474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16702474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16712474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
16722474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16732474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
16742474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
16752474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16762474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16772474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
16782474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16792474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16802474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
16812474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16822474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16832474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
16842474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
16852474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
16862474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
16872474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16882474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16892474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
16902474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16912474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16922474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
16932474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
16942474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
16952474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
16962474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
16972474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
16982474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
16992474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
17002474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
17012474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
17022474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
17032474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
17042474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
17052474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17062474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17072474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
17082474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17092474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17102474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
17112474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
17122474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
17132474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
17142474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17152474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17162474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
17172474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
17182474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
17192474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
17202474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17212474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17222474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
17232474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17242474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17252474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
17262474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
17272474.29fc: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll'
17282474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17292474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17302474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
17312474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
17322474.29fc: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll'
17332474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17342474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17352474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
17362474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
17372474.29fc: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll'
17382474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17392474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17402474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
17412474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17422474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17432474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxglobal.dll'...
17442474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxglobal.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxglobal.dll' [rcNtRedir=0xc0150008]
17452474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
17462474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
17472474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
17482474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
17492474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
17502474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
17512474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
17522474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
17532474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
17542474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
17552474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
17562474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxGlobal.dll) WinVerifyTrust
17572474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxGlobal.dll
17582474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
17592474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
17602474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
17612474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000047c pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
17622474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
17632474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
17642474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
17652474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17662474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17672474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17692474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
17702474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17712474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17722474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
17732474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17742474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17752474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
17762474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17772474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17782474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
17792474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
17802474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
17812474.29fc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
17822474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
17832474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
17842474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll
17852474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17862474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17872474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll
17882474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17892474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17902474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
17912474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
17922474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
17932474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
17942474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
17952474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
17962474.29fc: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
17972474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
17982474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.dll
17992474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
18002474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxGlobal.dll
18012474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll
18022474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll
18032474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
18042474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5OpenGLVBox.dll
18052474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
18062474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
18072474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
18082474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
18092474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
18102474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
18112474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DXCore.dll)
18122474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DXCore.dll
18132474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe44790000 LB 0x00021000 C:\Windows\System32\win32u.dll [fFlags=0x0]
18142474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
18152474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe447c0000 LB 0x0009e000 C:\Windows\System32\msvcp_win.dll [fFlags=0x0]
18162474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
18172474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe43f20000 LB 0x00194000 C:\Windows\System32\gdi32full.dll [fFlags=0x0]
18182474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
18192474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
18202474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
18212474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
18222474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32full.dll)
18232474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32full.dll
18242474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe45440000 LB 0x00026000 C:\Windows\System32\GDI32.dll [fFlags=0x0]
18252474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
18262474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe45b00000 LB 0x00194000 C:\Windows\System32\USER32.dll [fFlags=0x0]
18272474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [avoiding WinVerifyTrust]
18282474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe45690000 LB 0x00336000 C:\Windows\System32\combase.dll [fFlags=0x0]
18292474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
18302474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe44210000 LB 0x0004a000 C:\Windows\System32\cfgmgr32.dll [fFlags=0x0]
18312474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
18322474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
18332474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe42a90000 LB 0x00020000 C:\Windows\SYSTEM32\dxcore.dll [fFlags=0x0]
18342474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
18352474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe406d0000 LB 0x0002c000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
18362474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
18372474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe2ed20000 LB 0x00156000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
18382474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
18392474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe45d00000 LB 0x000a9000 C:\Windows\System32\shcore.dll [fFlags=0x0]
18402474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18412474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'.
18422474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
18432474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
18442474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
18452474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe43e60000 LB 0x00010000 C:\Windows\System32\UMPDC.dll [fFlags=0x0]
18462474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\umpdc.dll)
18472474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\umpdc.dll
18482474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe43e90000 LB 0x0004a000 C:\Windows\System32\powrprof.dll [fFlags=0x0]
18492474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
18502474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'umpdc.dll'.
18512474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll)
18522474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
18532474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe46480000 LB 0x00052000 C:\Windows\System32\shlwapi.dll [fFlags=0x0]
18542474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
18552474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
18562474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
18572474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
18582474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
18592474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe43e70000 LB 0x00011000 C:\Windows\System32\kernel.appcore.dll [fFlags=0x0]
18602474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
18612474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
18622474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
18632474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
18642474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe44860000 LB 0x0077e000 C:\Windows\System32\windows.storage.dll [fFlags=0x0]
18652474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
18662474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
18672474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'.
18682474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'.
18692474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll)
18702474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll
18712474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe46500000 LB 0x006e5000 C:\Windows\System32\SHELL32.dll [fFlags=0x0]
18722474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
18732474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe46ca0000 LB 0x00156000 C:\Windows\System32\ole32.dll [fFlags=0x0]
18742474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
18752474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe33460000 LB 0x0001b000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0]
18762474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
18772474.29fc: supR3HardenedDllNotificationCallback: load 000000006eff0000 LB 0x00565000 C:\MeusProgs\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
18782474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll
18792474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe2d0c0000 LB 0x005f7000 C:\MeusProgs\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
18802474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll
18812474.29fc: supR3HardenedDllNotificationCallback: load 000000006ea80000 LB 0x00561000 C:\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
18822474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
18832474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe45560000 LB 0x000c4000 C:\Windows\System32\OLEAUT32.dll [fFlags=0x0]
18842474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
18852474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe0c380000 LB 0x02387000 C:\MeusProgs\VirtualBox\VBoxGlobal.dll [fFlags=0x0]
18862474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxGlobal.dll
18872474.29fc: supR3HardenedDllNotificationCallback: load 000000006e980000 LB 0x00054000 C:\MeusProgs\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
18882474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5OpenGLVBox.dll
18892474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe41e10000 LB 0x0002d000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
18902474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
18912474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe41e40000 LB 0x00024000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
18922474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
18932474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe239b0000 LB 0x00188000 C:\MeusProgs\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
18942474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VirtualBoxVM.dll
18952474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
18962474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
18972474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
18982474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
18992474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
19002474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
19012474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
19022474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
19032474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
19042474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
19052474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
19062474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
19072474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
19082474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
19092474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
19102474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
19112474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
19122474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
19132474.29fc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
19142474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
19152474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
19162474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
19172474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
19182474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
19192474.29fc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll'.
19202474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
19212474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
19222474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
19232474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
19242474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
19252474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
19262474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
19272474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
19282474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
19292474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
19302474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
19312474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
19322474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
19332474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
19342474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
19352474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
19362474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
19372474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19382474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19392474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
19402474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
19412474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
19422474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
19432474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
19442474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
19452474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
19462474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
19472474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
19482474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
19492474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19502474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19512474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19522474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19532474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19542474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19552474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
19562474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
19572474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
19582474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19592474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19602474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
19612474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
19622474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
19632474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19642474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19652474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'umpdc.dll'...
19662474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'umpdc.dll' -> '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rcNtRedir=0xc0150008]
19672474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\umpdc.dll [redoing WinVerifyTrust]
19682474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
19692474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\umpdc.dll
19702474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19712474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19722474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
19732474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
19742474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
19752474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
19762474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
19772474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19782474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19792474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
19802474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19812474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19822474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
19832474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
19842474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
19852474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
19862474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
19872474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19882474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19892474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
19902474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
19912474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
19922474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19932474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19942474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
19952474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
19962474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
19972474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
19982474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
19992474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
20002474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
20012474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
20022474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
20032474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
20042474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
20052474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
20062474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
20072474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
20082474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
20092474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
20102474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
20112474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
20122474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
20132474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45380000 'C:\Windows\System32\kernel32.dll'
20142474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
20152474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
20162474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-string-l1-1-0'
20172474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
20182474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
20192474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-datetime-l1-1-1'
20202474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
20212474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
20222474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-localization-obsolete-l1-2-0'
20232474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
20242474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
20252474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
20262474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
20272474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
20282474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
20292474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
20302474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
20312474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
20322474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
20332474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20342474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20352474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
20362474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
20372474.29fc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
20382474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20392474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe46c70000 LB 0x0002e000 C:\Windows\System32\IMM32.DLL [fFlags=0x0]
20402474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
20412474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46c70000 'C:\Windows\system32\IMM32.DLL'
20422474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
20432474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
20442474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
20452474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20462474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe452d0000 'C:\Windows\System32\ADVAPI32.DLL'
20472474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe239b0000 'C:\MeusProgs\VirtualBox\VirtualBoxVM.dll'
20482474.29fc: SUPR3HardenedMain: Calling TrustedMain (00007ffe239b16c0)...
20492474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
20502474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
20512474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
20522474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
20532474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
20542474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
20552474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
20562474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
20572474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
20582474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
20592474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
20602474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
20612474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
20622474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\platforms\qwindows.dll
20632474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20642474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20652474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
20662474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
20672474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5CoreVBox.dll
20682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
20692474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
20702474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\Qt5GuiVBox.dll
20712474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
20722474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
20732474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
20742474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
20752474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
20762474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [redoing WinVerifyTrust]
20772474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
20782474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
20792474.29fc: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll'
20802474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
20812474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
20822474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
20832474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
20842474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
20852474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
20862474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
20872474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
20882474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [redoing WinVerifyTrust]
20892474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
20902474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
20912474.29fc: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
20922474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
20932474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20942474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
20952474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
20962474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
20972474.29fc: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
20982474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
20992474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
21002474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
21012474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21022474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21032474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
21042474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
21052474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
21062474.29fc: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
21072474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21082474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\platforms\qwindows.dll
21092474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe2e090000 LB 0x0012e000 C:\MeusProgs\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
21102474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\platforms\qwindows.dll
21112474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe2e090000 'C:\MeusProgs\VirtualBox\platforms\qwindows.dll'
21122474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000624 pwszName=\Device\HarddiskVolume4\Windows\System32\uxtheme.dll
21132474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
21142474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
21152474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=286AD1CEC16EFDCA5718925D19E68A486A5851A0
21162474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
21172474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
21182474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.18362.476.cat'; file='\Device\HarddiskVolume4\Windows\System32\uxtheme.dll'
21192474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
21202474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21212474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
21222474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
21232474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) WinVerifyTrust
21242474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
21252474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21262474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21272474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21282474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21292474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21302474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21312474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
21322474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
21332474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe420e0000 LB 0x00099000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
21342474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
21352474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe420e0000 'C:\Windows\system32\uxtheme.dll'
21362474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45b00000 'C:\Windows\system32\user32.dll'
21372474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
21382474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21392474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46500000 'C:\Windows\system32\shell32.dll'
21402474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [redoing WinVerifyTrust]
21412474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
21422474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
21432474.29fc: supR3HardenedScreenImage/LdrLoadDll: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'
21442474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21452474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45d00000 'C:\Windows\system32\SHCore.dll'
21462474.29fc: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
21472474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
21482474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
21492474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21502474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe41e40000 'C:\Windows\system32\winmm.dll'
21512474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
21522474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21532474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe41e40000 'C:\Windows\system32\winmm.dll'
21542474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
21552474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21562474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46500000 'C:\Windows\system32\shell32.dll'
21572474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
21582474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21592474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe420e0000 'C:\Windows\system32\uxtheme.dll'
21602474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
21612474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21622474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe452d0000 'C:\Windows\system32\advapi32.dll'
21632474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
21642474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
21652474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
21662474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'profapi.dll'.
21672474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll) WinVerifyTrust
21682474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
21692474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
21702474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
21712474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
21722474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21732474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21742474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21752474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
21762474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe43d50000 LB 0x00025000 C:\Windows\system32\userenv.dll [fFlags=0x0]
21772474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
21782474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe43d50000 'C:\Windows\system32\userenv.dll'
21792474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
21802474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21812474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45380000 'C:\Windows\System32\kernel32.dll'
21822474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe46e00000 LB 0x000a2000 C:\Windows\System32\clbcatq.dll [fFlags=0x0]
21832474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21842474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
21852474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll)
21862474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll
21872474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21882474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21892474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21902474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21912474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
21922474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
21932474.234c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\clbcatq.dll'
21942474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
21952474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
21962474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
21972474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
21982474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
21992474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
22002474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
22012474.234c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxC.dll) WinVerifyTrust
22022474.234c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxC.dll
22032474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
22042474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
22052474.234c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
22062474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
22072474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
22082474.234c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
22092474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22102474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
22112474.234c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
22122474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22132474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22142474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
22152474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
22162474.234c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll
22172474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22182474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22192474.234c: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
22202474.234c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxC.dll
22212474.234c: supR3HardenedDllNotificationCallback: load 00007ffe19f20000 LB 0x003a4000 C:\MeusProgs\VirtualBox\VBoxC.dll [fFlags=0x0]
22222474.234c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxC.dll
22232474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe19f20000 'C:\MeusProgs\VirtualBox\VBoxC.dll'
22242474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
22252474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22262474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22272474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
22282474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
22292474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
22302474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
22312474.234c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
22322474.234c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
22332474.234c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxProxyStub.dll
22342474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22352474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22362474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
22372474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
22382474.234c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
22392474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
22402474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
22412474.234c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
22422474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
22432474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
22442474.234c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [redoing WinVerifyTrust]
22452474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
22462474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
22472474.234c: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'
22482474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22492474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
22502474.234c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
22512474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22522474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22532474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22542474.234c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22552474.234c: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
22562474.234c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxProxyStub.dll
22572474.234c: supR3HardenedDllNotificationCallback: load 00007ffe2cfe0000 LB 0x000d5000 C:\MeusProgs\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
22582474.234c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxProxyStub.dll
22592474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe2cfe0000 'C:\MeusProgs\VirtualBox\VBoxProxyStub.dll'
22602474.234c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
22612474.234c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
22622474.234c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45560000 'C:\Windows\System32\oleaut32.dll'
22632474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45440000 'C:\Windows\system32\gdi32.dll'
22642474.21d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
22652474.21d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
22662474.21d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
22672474.21d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22682474.21d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
22692474.21d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
22702474.21d8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
22712474.21d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22722474.21d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22732474.21d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
22742474.21d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
22752474.21d8: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22762474.21d8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
22772474.21d8: supR3HardenedDllNotificationCallback: load 00007ffe3ea10000 LB 0x0000e000 C:\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [fFlags=0x0]
22782474.21d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
22792474.21d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3ea10000 'C:\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
22802474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
22812474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22822474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46500000 'C:\Windows\system32\shell32.dll'
22832474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe46220000 LB 0x00136000 C:\Windows\System32\MSCTF.dll [fFlags=0x0]
22842474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22852474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
22862474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'.
22872474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
22882474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'.
22892474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'.
22902474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
22912474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
22922474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22932474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
22942474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
22952474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
22962474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll
22972474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22982474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22992474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23002474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23012474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
23022474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23032474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23042474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
23052474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23062474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23072474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
23082474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
23092474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll'
23102474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009bc pwszName=\Device\HarddiskVolume4\Windows\System32\DataExchange.dll
23112474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
23122474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
23132474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3632E0380EF7C400BBC7C4B0B9ED8D9F9860503B
23142474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
23152474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
23162474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\DataExchange.dll'
23172474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23182474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23192474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
23202474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'combase.dll'.
23212474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'd3d11.dll'.
23222474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dcomp.dll'.
23232474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll) WinVerifyTrust
23242474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
23252474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
23262474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
23272474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
23282474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
23292474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
23302474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
23312474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll) WinVerifyTrust
23322474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll
23332474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
23342474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
23352474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
23362474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
23372474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
23382474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
23392474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
23402474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
23412474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
23422474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
23432474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23442474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'dxgi.dll'.
23452474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'.
23462474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll) WinVerifyTrust
23472474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll
23482474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
23492474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
23502474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
23512474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
23522474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
23532474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
23542474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
23552474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
23562474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
23572474.29fc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\dxgi.dll'.
23582474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23592474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
23602474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll)
23612474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll
23622474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23632474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23642474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
23652474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
23662474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
23672474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23692474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
23702474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23712474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
23722474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
23732474.29fc: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\combase.dll'
23742474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
23752474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
23762474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
23772474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23782474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23792474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
23802474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
23812474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
23822474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
23832474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [avoiding WinVerifyTrust]
23842474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe42b20000 LB 0x000eb000 C:\Windows\system32\dxgi.dll [fFlags=0x0]
23852474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll [avoiding WinVerifyTrust]
23862474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe412b0000 LB 0x0025b000 C:\Windows\system32\d3d11.dll [fFlags=0x0]
23872474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
23882474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe41510000 LB 0x001db000 C:\Windows\system32\dcomp.dll [fFlags=0x0]
23892474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
23902474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe2b960000 LB 0x0003a000 C:\Windows\system32\dataexchange.dll [fFlags=0x0]
23912474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
23922474.29fc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\dxgi.dll'.
23932474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rescheduled]
23942474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45440000 'C:\Windows\System32\gdi32.dll'
23952474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe2b960000 'C:\Windows\system32\dataexchange.dll'
23962474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'.
23972474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
23982474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
23992474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'msvcp_win.dll'.
24002474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll)
24012474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll
24022474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24032474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
24042474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rmclient.dll)
24052474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rmclient.dll
24062474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe42530000 LB 0x00029000 C:\Windows\system32\RMCLIENT.dll [fFlags=0x0]
24072474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
24082474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe421b0000 LB 0x0025a000 C:\Windows\system32\twinapi.appcore.dll [fFlags=0x0]
24092474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
24102474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24112474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24122474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24132474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24142474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
24152474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
24162474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
24172474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
24182474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
24192474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
24202474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24212474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24222474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
24232474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume4\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
24242474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
24252474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
24262474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
24272474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rmclient.dll'
24282474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
24292474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
24302474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll'
24312474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
24322474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24332474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45d00000 'C:\Windows\system32\Shcore.dll'
24342474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24352474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
24362474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'.
24372474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'.
24382474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll)
24392474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
24402474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24412474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
24422474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'.
24432474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll)
24442474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
24452474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24462474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll)
24472474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
24482474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntmarta.dll)
24492474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntmarta.dll
24502474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
24512474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
24522474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
24532474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll)
24542474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll
24552474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe42e80000 LB 0x00031000 C:\Windows\SYSTEM32\ntmarta.dll [fFlags=0x0]
24562474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
24572474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe41780000 LB 0x000d4000 C:\Windows\System32\CoreMessaging.dll [fFlags=0x0]
24582474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
24592474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe3fb60000 LB 0x00153000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
24602474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
24612474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe3fd90000 LB 0x0032a000 C:\Windows\System32\CoreUIComponents.dll [fFlags=0x0]
24622474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
24632474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe36a10000 LB 0x0009e000 C:\Windows\System32\TextInputFramework.dll [fFlags=0x0]
24642474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
24652474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
24662474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
24672474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
24682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24692474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24702474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
24712474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
24722474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
24732474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24742474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24752474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
24762474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
24772474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
24782474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
24792474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
24802474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
24812474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24822474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24832474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
24842474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
24852474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
24862474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
24872474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
24882474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
24892474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24902474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24912474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24922474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24932474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
24942474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
24952474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\WinTypes.dll'
24962474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
24972474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
24982474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ntmarta.dll'
24992474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
25002474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
25012474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll'
25022474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
25032474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
25042474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll'
25052474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
25062474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
25072474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll'
25082474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
25092474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25102474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45b00000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
25112474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
25122474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25132474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45b00000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
25142474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
25152474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25162474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45690000 'api-ms-win-core-com-l1-1-0.dll'
25172474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25182474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\iertutil.dll)
25192474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\iertutil.dll
25202474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe35420000 LB 0x002a6000 C:\Windows\System32\iertutil.dll [fFlags=0x0]
25212474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\iertutil.dll [avoiding WinVerifyTrust]
25222474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25232474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25242474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
25252474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
25262474.29fc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\iertutil.dll'
25272474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
25282474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
25292474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46220000 'C:\Windows\System32\MSCTF.dll'
25302474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
25312474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25322474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46ca0000 'C:\Windows\System32\ole32.dll'
25332474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
25342474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25352474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45560000 'C:\Windows\System32\OLEAUT32.dll'
25362474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ab0 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
25372474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
25382474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
25392474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DB1AA7E2E4704C908EC9382E1F9E64808B9E5E1D
25402474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
25412474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
25422474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll'
25432474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25442474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25452474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
25462474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
25472474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
25482474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
25492474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
25502474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
25512474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b08 pwszName=\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
25522474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
25532474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
25542474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=22EAF38FA276D7A374D3945ACD556FA0953D3440
25552474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
25562474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
25572474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll'
25582474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25592474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25602474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'bcrypt.dll'.
25612474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'.
25622474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll) WinVerifyTrust
25632474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
25642474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
25652474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
25662474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
25672474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25692474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
25702474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
25712474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
25722474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
25732474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
25742474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
25752474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25762474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25772474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25782474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
25792474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
25802474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe3c210000 LB 0x00084000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
25812474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
25822474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe3c3a0000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
25832474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
25842474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
25852474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
25862474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
25872474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3c3a0000 'C:\Windows\system32\wbem\wbemprox.dll'
25882474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b0c pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
25892474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
25902474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
25912474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=00C864D7F76A7AD25E7D0DA164B0B66188F5B7FF
25922474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
25932474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
25942474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll'
25952474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25962474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25972474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
25982474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
25992474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
26002474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26012474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26022474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26032474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26042474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
26052474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
26062474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe394e0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
26072474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
26082474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe394e0000 'C:\Windows\system32\wbem\wbemsvc.dll'
26092474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
26102474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
26112474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-localization-l1-2-0.dll'
26122474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
26132474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
26142474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
26152474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b6c pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
26162474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
26172474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
26182474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0708A64F48237CD4D5092546CE9C373F20B30CA1
26192474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
26202474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
26212474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll'
26222474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26232474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26242474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
26252474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
26262474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
26272474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
26282474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
26292474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
26302474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26312474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26322474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
26332474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
26342474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe39560000 LB 0x00101000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
26352474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
26362474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe39560000 'C:\Windows\system32\wbem\fastprox.dll'
26372474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b88 pwszName=\Device\HarddiskVolume4\Windows\System32\amsi.dll
26382474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
26392474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
26402474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B5D4D58A583ACAD5AA76D7DD0F2DB8ADE903942B
26412474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
26422474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
26432474.29fc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.18362.446.cat'; file='\Device\HarddiskVolume4\Windows\System32\amsi.dll'
26442474.29fc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26452474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26462474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
26472474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'userenv.dll'.
26482474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\amsi.dll) WinVerifyTrust
26492474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\amsi.dll
26502474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
26512474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume4\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
26522474.29fc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
26532474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26542474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26552474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26562474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26572474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26582474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\amsi.dll
26592474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe39420000 LB 0x00015000 C:\Windows\System32\amsi.dll [fFlags=0x0]
26602474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\amsi.dll
26612474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe39420000 'C:\Windows\System32\amsi.dll'
26622474.29fc: \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll: Owner is administrators group.
26632474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
26642474.29fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
26652474.29fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll) WinVerifyTrust
26662474.29fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll
26672474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
26682474.29fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
26692474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26702474.29fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll
26712474.29fc: supR3HardenedDllNotificationCallback: load 00007ffe391f0000 LB 0x00226000 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll [fFlags=0x0]
26722474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll
26732474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
26742474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26752474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-synch-l1-2-0'
26762474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
26772474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26782474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-fibers-l1-1-1'
26792474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
26802474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26812474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-synch-l1-2-0'
26822474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
26832474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26842474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-fibers-l1-1-1'
26852474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
26862474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26872474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-localization-l1-2-1'
26882474.29fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
26892474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26902474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45380000 'C:\Windows\System32\kernel32.dll'
26912474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
26922474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26932474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-string-l1-1-0'
26942474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
26952474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26962474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-datetime-l1-1-1'
26972474.29fc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
26982474.29fc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26992474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe44340000 'api-ms-win-core-localization-obsolete-l1-2-0'
27002474.29fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe391f0000 'C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 20.0\x64\antimalware_provider.dll'
27012474.1914: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
27022474.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27032474.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
27042474.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27052474.1914: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxVMM.dll) WinVerifyTrust
27062474.1914: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxVMM.dll
27072474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27082474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27092474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
27102474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
27112474.1914: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
27122474.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
27132474.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
27142474.1914: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
27152474.1914: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxREM.dll) WinVerifyTrust
27162474.1914: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxREM.dll
27172474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27182474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27192474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27202474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27212474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27222474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
27232474.1914: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxVMM.dll
27242474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27252474.1914: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27262474.1914: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27272474.1914: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxVMM.dll
27282474.1914: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxREM.dll
27292474.1914: supR3HardenedDllNotificationCallback: load 000000006e870000 LB 0x0010b000 C:\MeusProgs\VirtualBox\VBoxREM.dll [fFlags=0x0]
27302474.1914: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxREM.dll
27312474.1914: supR3HardenedDllNotificationCallback: load 00007ffe19be0000 LB 0x00331000 C:\MeusProgs\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
27322474.1914: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxVMM.dll
27332474.1914: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe19be0000 'C:\MeusProgs\VirtualBox\VBoxVMM.DLL'
27342474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
27352474.1dd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
27362474.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27372474.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
27382474.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27392474.1dd0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
27402474.1dd0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
27412474.1dd0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSharedClipboard.dll
27422474.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27432474.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27442474.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27452474.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27462474.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27472474.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
27482474.1dd0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxVMM.dll
27492474.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27502474.1dd0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27512474.1dd0: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27522474.1dd0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSharedClipboard.dll
27532474.1dd0: supR3HardenedDllNotificationCallback: load 00007ffe3d090000 LB 0x0000b000 C:\MeusProgs\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
27542474.1dd0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxSharedClipboard.dll
27552474.1dd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3d090000 'C:\MeusProgs\VirtualBox\VBoxSharedClipboard.DLL'
27562474.1dd0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe45b00000 'C:\Windows\system32\User32.dll'
27572474.238c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
27582474.238c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27592474.238c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
27602474.238c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27612474.238c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
27622474.238c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxDragAndDropSvc.dll
27632474.238c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27642474.238c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27652474.238c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
27662474.238c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
27672474.238c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27682474.238c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27692474.238c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll
27702474.238c: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27712474.238c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxDragAndDropSvc.dll
27722474.238c: supR3HardenedDllNotificationCallback: load 00007ffe3d000000 LB 0x0000d000 C:\MeusProgs\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
27732474.238c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxDragAndDropSvc.dll
27742474.238c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3d000000 'C:\MeusProgs\VirtualBox\VBoxDragAndDropSvc.DLL'
27752474.130c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
27762474.130c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27772474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46500000 'C:\Windows\system32\Shell32.dll'
27782474.130c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\VBoxVMM.dll
27792474.130c: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27802474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe19be0000 'C:\MeusProgs\VirtualBox\VBoxVMM.DLL'
27812474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
27822474.130c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27832474.130c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
27842474.130c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
27852474.130c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
27862474.130c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
27872474.130c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
27882474.130c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
27892474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
27902474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
27912474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
27922474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
27932474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27942474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27952474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27962474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27972474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27982474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\MeusProgs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27992474.130c: supR3HardenedMonitor_LdrLoadDll: pName=C:\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28002474.130c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
28012474.130c: supR3HardenedDllNotificationCallback: load 00007ffe2f510000 LB 0x00041000 C:\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
28022474.130c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
28032474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe2f510000 'C:\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
28042474.130c: supR3HardenedDllNotificationCallback: Unload 00007ffe2f510000 LB 0x00041000 C:\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
28052474.130c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c1c pwszName=\Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll
28062474.130c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001243580
28072474.130c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001243580
28082474.130c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F44CBC4BAFE3CCCC07F920C1E6C13E8202CB0B4C
28092474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
28102474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
28112474.130c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.18362.476.cat'; file='\Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll'
28122474.130c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28132474.130c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vid.dll'.
28142474.130c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll) WinVerifyTrust
28152474.130c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll
28162474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vid.dll'...
28172474.130c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vid.dll' -> '\Device\HarddiskVolume4\Windows\System32\vid.dll' [rcNtRedir=0xc0150008]
28182474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
28192474.130c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
28202474.130c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28212474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
28222474.130c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\vid.dll) WinVerifyTrust
28232474.130c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\vid.dll
28242474.130c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WinHvPlatform.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28252474.130c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll
28262474.130c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\vid.dll
28272474.130c: supR3HardenedDllNotificationCallback: load 00007ffe339f0000 LB 0x00019000 C:\Windows\SYSTEM32\vid.dll [fFlags=0x0]
28282474.130c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\vid.dll
28292474.130c: supR3HardenedDllNotificationCallback: load 00007ffe3c6d0000 LB 0x00024000 C:\Windows\system32\WinHvPlatform.dll [fFlags=0x0]
28302474.130c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll
28312474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe3c6d0000 'C:\Windows\system32\WinHvPlatform.dll'
28322474.130c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\vid.dll
28332474.130c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\vid.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28342474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe339f0000 'C:\Windows\system32\vid.dll'
28352474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe431a0000 'C:\Windows\system32\rsaenh.dll'
28362474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe440c0000 'C:\Windows\System32\crypt32.dll'
28372474.130c: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
28382474.130c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll) WinVerifyTrust
28392474.130c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll
28402474.130c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NTDLL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28412474.130c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe46fc0000 'C:\Windows\system32\NTDLL.DLL'
28422474.238c: supR3HardenedDllNotificationCallback: Unload 00007ffe3d000000 LB 0x0000d000 C:\MeusProgs\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
28432474.1dd0: supR3HardenedDllNotificationCallback: Unload 00007ffe3d090000 LB 0x0000b000 C:\MeusProgs\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
28442474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe3ea10000 LB 0x0000e000 C:\MeusProgs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [flags=0x0]
28452474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe19f20000 LB 0x003a4000 C:\MeusProgs\VirtualBox\VBoxC.dll [flags=0x0]
28462474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe394e0000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [flags=0x0]
28472474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe3c3a0000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [flags=0x0]
28482474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe2b960000 LB 0x0003a000 C:\Windows\system32\dataexchange.dll [flags=0x0]
28492474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe412b0000 LB 0x0025b000 C:\Windows\system32\d3d11.dll [flags=0x0]
28502474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe42b20000 LB 0x000eb000 C:\Windows\system32\dxgi.dll [flags=0x0]
28512474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe41510000 LB 0x001db000 C:\Windows\system32\dcomp.dll [flags=0x0]
28522474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe421b0000 LB 0x0025a000 C:\Windows\system32\twinapi.appcore.dll [flags=0x0]
28532474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe42530000 LB 0x00029000 C:\Windows\system32\RMCLIENT.dll [flags=0x0]
28542474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe2cfe0000 LB 0x000d5000 C:\MeusProgs\VirtualBox\VBoxProxyStub.dll [flags=0x0]
28552474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe39560000 LB 0x00101000 C:\Windows\system32\wbem\fastprox.dll [flags=0x0]
28562474.29fc: supR3HardenedDllNotificationCallback: Unload 00007ffe3c210000 LB 0x00084000 C:\Windows\SYSTEM32\wbemcomn.dll [flags=0x0]
28572474.29fc: Terminating the normal way: rcExit=0
28581f88.4e8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 4869 ms, the end);
28592690.1334: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 5600 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy