VirtualBox

Ticket #19154: VBoxHardening.log

File VBoxHardening.log, 507.5 KB (added by kfehrenbach, 3 years ago)
Line 
1
24e58.30b4: 00007fff223bd782 / 0x009d782: d1 != 2c
34e58.30b4: 00007fff223bd783 / 0x009d783: b8 != fe
44e58.30b4: 00007fff223bd784 / 0x009d784: 50 != bf
54e58.30b4: 00007fff223bd785 / 0x009d785: 00 != cc
64e58.30b4: 00007fff223bd786 / 0x009d786: 00 != cc
74e58.30b4: 00007fff223bd787 / 0x009d787: 00 != cc
84e58.30b4: 00007fff223bd7c0 / 0x009d7c0: 4c != e9
94e58.30b4: 00007fff223bd7c1 / 0x009d7c1: 8b != b3
104e58.30b4: 00007fff223bd7c2 / 0x009d7c2: d1 != 2c
114e58.30b4: 00007fff223bd7c3 / 0x009d7c3: b8 != fe
124e58.30b4: 00007fff223bd7c4 / 0x009d7c4: 52 != bf
134e58.30b4: 00007fff223bd7c5 / 0x009d7c5: 00 != cc
144e58.30b4: 00007fff223bd7c6 / 0x009d7c6: 00 != cc
154e58.30b4: 00007fff223bd7c7 / 0x009d7c7: 00 != cc
164e58.30b4: Restored 0x2000 bytes of original file content at 00007fff223bc04e
174e58.30b4: ntdll.dll: Differences in section #1 (.text) between file and memory:
184e58.30b4: 00007fff223be510 / 0x009e510: 4c != e9
194e58.30b4: 00007fff223be511 / 0x009e511: 8b != 23
204e58.30b4: 00007fff223be512 / 0x009e512: d1 != 23
214e58.30b4: 00007fff223be513 / 0x009e513: b8 != fe
224e58.30b4: 00007fff223be514 / 0x009e514: bd != bf
234e58.30b4: 00007fff223be515 / 0x009e515: 00 != cc
244e58.30b4: 00007fff223be516 / 0x009e516: 00 != cc
254e58.30b4: 00007fff223be517 / 0x009e517: 00 != cc
264e58.30b4: 00007fff223be5f0 / 0x009e5f0: 4c != e9
274e58.30b4: 00007fff223be5f1 / 0x009e5f1: 8b != 03
284e58.30b4: 00007fff223be5f2 / 0x009e5f2: d1 != 23
294e58.30b4: 00007fff223be5f3 / 0x009e5f3: b8 != fe
304e58.30b4: 00007fff223be5f4 / 0x009e5f4: c4 != bf
314e58.30b4: 00007fff223be5f5 / 0x009e5f5: 00 != cc
324e58.30b4: 00007fff223be5f6 / 0x009e5f6: 00 != cc
334e58.30b4: 00007fff223be5f7 / 0x009e5f7: 00 != cc
344e58.30b4: 00007fff223bed70 / 0x009ed70: 4c != e9
354e58.30b4: 00007fff223bed71 / 0x009ed71: 8b != a3
364e58.30b4: 00007fff223bed72 / 0x009ed72: d1 != 16
374e58.30b4: 00007fff223bed73 / 0x009ed73: b8 != fe
384e58.30b4: 00007fff223bed74 / 0x009ed74: 00 != bf
394e58.30b4: 00007fff223bed75 / 0x009ed75: 01 != cc
404e58.30b4: 00007fff223bed76 / 0x009ed76: 00 != cc
414e58.30b4: 00007fff223bed77 / 0x009ed77: 00 != cc
424e58.30b4: 00007fff223bef30 / 0x009ef30: 4c != e9
434e58.30b4: 00007fff223bef31 / 0x009ef31: 8b != e3
444e58.30b4: 00007fff223bef32 / 0x009ef32: d1 != 1a
454e58.30b4: 00007fff223bef33 / 0x009ef33: b8 != fe
464e58.30b4: 00007fff223bef34 / 0x009ef34: 0e != bf
474e58.30b4: 00007fff223bef35 / 0x009ef35: 01 != cc
484e58.30b4: 00007fff223bef36 / 0x009ef36: 00 != cc
494e58.30b4: 00007fff223bef37 / 0x009ef37: 00 != cc
504e58.30b4: 00007fff223bf8d0 / 0x009f8d0: 4c != e9
514e58.30b4: 00007fff223bf8d1 / 0x009f8d1: 8b != 83
524e58.30b4: 00007fff223bf8d2 / 0x009f8d2: d1 != 0d
534e58.30b4: 00007fff223bf8d3 / 0x009f8d3: b8 != fe
544e58.30b4: 00007fff223bf8d4 / 0x009f8d4: 5b != bf
554e58.30b4: 00007fff223bf8d5 / 0x009f8d5: 01 != cc
564e58.30b4: 00007fff223bf8d6 / 0x009f8d6: 00 != cc
574e58.30b4: 00007fff223bf8d7 / 0x009f8d7: 00 != cc
584e58.30b4: 00007fff223bf950 / 0x009f950: 4c != e9
594e58.30b4: 00007fff223bf951 / 0x009f951: 8b != 83
604e58.30b4: 00007fff223bf952 / 0x009f952: d1 != 0e
614e58.30b4: 00007fff223bf953 / 0x009f953: b8 != fe
624e58.30b4: 00007fff223bf954 / 0x009f954: 5f != bf
634e58.30b4: 00007fff223bf955 / 0x009f955: 01 != cc
644e58.30b4: 00007fff223bf956 / 0x009f956: 00 != cc
654e58.30b4: 00007fff223bf957 / 0x009f957: 00 != cc
664e58.30b4: 00007fff223bfe10 / 0x009fe10: 4c != e9
674e58.30b4: 00007fff223bfe11 / 0x009fe11: 8b != 23
684e58.30b4: 00007fff223bfe12 / 0x009fe12: d1 != 07
694e58.30b4: 00007fff223bfe13 / 0x009fe13: b8 != fe
704e58.30b4: 00007fff223bfe14 / 0x009fe14: 85 != bf
714e58.30b4: 00007fff223bfe15 / 0x009fe15: 01 != cc
724e58.30b4: 00007fff223bfe16 / 0x009fe16: 00 != cc
734e58.30b4: 00007fff223bfe17 / 0x009fe17: 00 != cc
744e58.30b4: Restored 0x2000 bytes of original file content at 00007fff223be04e
754e58.30b4: kernel32.dll: Differences in section #1 (.text) between file and memory:
764e58.30b4: 00007fff21dd6d00 / 0x0036d00: 48 != e9
774e58.30b4: 00007fff21dd6d01 / 0x0036d01: 83 != 73
784e58.30b4: 00007fff21dd6d02 / 0x0036d02: ec != 9d
794e58.30b4: 00007fff21dd6d03 / 0x0036d03: 28 != 5c
804e58.30b4: 00007fff21dd6d04 / 0x0036d04: ff != c0
814e58.30b4: 00007fff21dd6d05 / 0x0036d05: 15 != cc
824e58.30b4: 00007fff21dd6d06 / 0x0036d06: ee != cc
834e58.30b4: 00007fff21dd6d07 / 0x0036d07: 25 != cc
844e58.30b4: 00007fff21dd6d08 / 0x0036d08: 04 != cc
854e58.30b4: 00007fff21dd6d09 / 0x0036d09: 00 != cc
864e58.30b4: Restored 0x2000 bytes of original file content at 00007fff21dd5000
874e58.30b4: kernelbase.dll: Differences in section #1 (.text) between file and memory:
884e58.30b4: 00007fff1fe866f0 / 0x00566f0: 48 != e9
894e58.30b4: 00007fff1fe866f1 / 0x00566f1: 89 != 43
904e58.30b4: 00007fff1fe866f2 / 0x00566f2: 5c != a4
914e58.30b4: 00007fff1fe866f3 / 0x00566f3: 24 != 51
924e58.30b4: 00007fff1fe866f4 / 0x00566f4: 08 != c2
934e58.30b4: Restored 0x2000 bytes of original file content at 00007fff1fe85000
944e58.30b4: kernelbase.dll: Differences in section #1 (.text) between file and memory:
954e58.30b4: 00007fff1fe87ea0 / 0x0057ea0: 40 != e9
964e58.30b4: 00007fff1fe87ea2 / 0x0057ea2: 56 != 8d
974e58.30b4: 00007fff1fe87ea3 / 0x0057ea3: 57 != 51
984e58.30b4: 00007fff1fe87ea4 / 0x0057ea4: 41 != c2
994e58.30b4: 00007fff1fe87ea5 / 0x0057ea5: 54 != cc
1004e58.30b4: Restored 0x2000 bytes of original file content at 00007fff1fe87000
1014e58.30b4: kernelbase.dll: Differences in section #1 (.text) between file and memory:
1024e58.30b4: 00007fff1feac5b0 / 0x007c5b0: 48 != e9
1034e58.30b4: 00007fff1feac5b1 / 0x007c5b1: 8b != e3
1044e58.30b4: 00007fff1feac5b2 / 0x007c5b2: c4 != 45
1054e58.30b4: 00007fff1feac5b3 / 0x007c5b3: 48 != 4f
1064e58.30b4: 00007fff1feac5b4 / 0x007c5b4: 89 != c2
1074e58.30b4: 00007fff1feac5b5 / 0x007c5b5: 58 != cc
1084e58.30b4: 00007fff1feac5b6 / 0x007c5b6: 08 != cc
1094e58.30b4: Restored 0x2000 bytes of original file content at 00007fff1feab000
1104e58.30b4: kernelbase.dll: Differences in section #1 (.text) between file and memory:
1114e58.30b4: 00007fff1ff30f90 / 0x0100f90: 48 != e9
1124e58.30b4: 00007fff1ff30f91 / 0x0100f91: 89 != 43
1134e58.30b4: 00007fff1ff30f92 / 0x0100f92: 5c != fb
1144e58.30b4: 00007fff1ff30f93 / 0x0100f93: 24 != 46
1154e58.30b4: 00007fff1ff30f94 / 0x0100f94: 10 != c2
1164e58.30b4: Restored 0x2000 bytes of original file content at 00007fff1ff2f000
1174e58.30b4: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=9
1184e58.30b4: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
1194e58.30b4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
1204e58.30b4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
1214e58.30b4: supR3HardNtEnableThreadCreationEx:
1224e58.30b4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fff22392040 pvNtTerminateThread=00007fff223bd7e0
1234e58.30b4: supR3HardenedWinDoReSpawn(1): New child 4c54.2d10 [kernel32].
1244e58.30b4: supR3HardNtChildGatherData: PebBaseAddress=0000000000db2000 cbPeb=0x388
1254e58.30b4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fff22320000 uNtDllChildAddr=00007fff22320000
1264e58.30b4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fff22392040
1274e58.30b4: supR3HardenedWinSetupChildInit: Initial context:
128 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff64ab47900 rdx=0000000000db2000
129 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
130 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
131 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
132 rip=00007fff2238d700 rsp=0000000000f1fe08 rbp=0000000000000000 ctxflags=0010001b
133 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
134 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
135 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
136 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
137 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
1384e58.30b4: supR3HardenedWinSetupChildInit: Start child.
1394e58.30b4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
1404e58.30b4: supR3HardNtChildPurify: Startup delay kludge #1/0: 522 ms, 29 sleeps
1414e58.30b4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1424e58.30b4: *0000000000000000-0000000000bdffff 0x0001/0x0000 0x0000000
1434e58.30b4: *0000000000be0000-0000000000bfffff 0x0004/0x0004 0x0020000
1444e58.30b4: *0000000000c00000-0000000000db1fff 0x0000/0x0004 0x0020000
1454e58.30b4: 0000000000db2000-0000000000db4fff 0x0004/0x0004 0x0020000
1464e58.30b4: 0000000000db5000-0000000000dfffff 0x0000/0x0004 0x0020000
1474e58.30b4: *0000000000e00000-0000000000e1afff 0x0002/0x0002 0x0040000
1484e58.30b4: 0000000000e1b000-0000000000e1ffff 0x0001/0x0000 0x0000000
1494e58.30b4: *0000000000e20000-0000000000f1afff 0x0000/0x0004 0x0020000
1504e58.30b4: 0000000000f1b000-0000000000f1dfff 0x0104/0x0004 0x0020000
1514e58.30b4: 0000000000f1e000-0000000000f1ffff 0x0004/0x0004 0x0020000
1524e58.30b4: *0000000000f20000-0000000000f23fff 0x0002/0x0002 0x0040000
1534e58.30b4: 0000000000f24000-0000000000f2ffff 0x0001/0x0000 0x0000000
1544e58.30b4: *0000000000f30000-0000000000f31fff 0x0004/0x0004 0x0020000
1554e58.30b4: 0000000000f32000-000000007ffdffff 0x0001/0x0000 0x0000000
1564e58.30b4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
1574e58.30b4: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
1584e58.30b4: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
1594e58.30b4: 000000007fff0000-00007ff582beffff 0x0001/0x0000 0x0000000
1604e58.30b4: *00007ff582bf0000-00007ff582bf0fff 0x0002/0x0002 0x0040000
1614e58.30b4: 00007ff582bf1000-00007ff582bfffff 0x0001/0x0000 0x0000000
1624e58.30b4: *00007ff582c00000-00007ff582c22fff 0x0002/0x0002 0x0040000
1634e58.30b4: 00007ff582c23000-00007ff64ab3ffff 0x0001/0x0000 0x0000000
1644e58.30b4: *00007ff64ab40000-00007ff64ab40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1654e58.30b4: 00007ff64ab41000-00007ff64abb7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1664e58.30b4: 00007ff64abb8000-00007ff64abb8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1674e58.30b4: 00007ff64abb9000-00007ff64ac01fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1684e58.30b4: 00007ff64ac02000-00007ff64ac02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1694e58.30b4: 00007ff64ac03000-00007ff64ac03fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1704e58.30b4: 00007ff64ac04000-00007ff64ac08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1714e58.30b4: 00007ff64ac09000-00007ff64ac09fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1724e58.30b4: 00007ff64ac0a000-00007ff64ac0afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1734e58.30b4: 00007ff64ac0b000-00007ff64ac0efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1744e58.30b4: 00007ff64ac0f000-00007ff64ac57fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1754e58.30b4: 00007ff64ac58000-00007fff2231ffff 0x0001/0x0000 0x0000000
1764e58.30b4: *00007fff22320000-00007fff22320fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1774e58.30b4: 00007fff22321000-00007fff22437fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1784e58.30b4: 00007fff22438000-00007fff2247efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1794e58.30b4: 00007fff2247f000-00007fff2248afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1804e58.30b4: 00007fff2248b000-00007fff22499fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1814e58.30b4: 00007fff2249a000-00007fff2249afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1824e58.30b4: 00007fff2249b000-00007fff2249dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1834e58.30b4: 00007fff2249e000-00007fff2250ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
1844e58.30b4: 00007fff22510000-00007ffffffeffff 0x0001/0x0000 0x0000000
1854e58.30b4: supR3HardNtChildPurify: Done after 522 ms and 0 fixes (loop #0).
1864c54.2d10: Log file opened: 6.1.18r142142 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00
1874c54.2d10: supR3HardenedVmProcessInit: uNtDllAddr=00007fff22320000 g_uNtVerCombined=0xa047bb00 (stack ~0000000000f1f898)
1884c54.2d10: ntdll.dll: timestamp 0x443b1261 (rc=VINF_SUCCESS)
1894c54.2d10: New simple heap: #1 0000000001040000 LB 0x400000 (for 2031616 allocation)
1904c54.2d10: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
1914e58.30b4: supR3HardNtEnableThreadCreationEx:
1924c54.2d10: System32: \Device\HarddiskVolume4\Windows\System32
1934c54.2d10: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
1944c54.2d10: KnownDllPath: C:\WINDOWS\System32
1954c54.2d10: supR3HardenedVmProcessInit: Opening vboxdrv stub...
1964c54.2d10: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
1974c54.2d10: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
1984c54.2d10: Registered Dll notification callback with NTDLL.
1994c54.2d10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
2004c54.2d10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2014c54.2d10: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
2024c54.2d10: supR3HardenedDllNotificationCallback: load 00007fff1fe30000 LB 0x002a5000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
2034c54.2d10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
2044c54.2d10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
2054c54.2d10: supR3HardenedDllNotificationCallback: load 00007fff21da0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
2064c54.2d10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2074c54.2d10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\KERNEL32.DLL'
2084c54.2d10: supR3HardenedDllNotificationCallback: load 00007ff64ab40000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
2094c54.2d10: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
2104c54.2d10: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
2114c54.2d10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
2124c54.2d10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2134c54.2d10: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fff22392040 pvNtTerminateThread=00007fff223bd7e0
2144e58.30b4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 81 ms.
2154c54.2d10: \SystemRoot\System32\ntdll.dll:
2164c54.2d10: CreationTime: 2021-03-26T10:05:55.924577700Z
2174c54.2d10: LastWriteTime: 2021-03-26T10:05:55.965582200Z
2184c54.2d10: ChangeTime: 2021-03-27T05:40:50.307825500Z
2194c54.2d10: FileAttributes: 0x20
2204c54.2d10: Size: 0x1e8050
2214c54.2d10: NT Headers: 0xd8
2224c54.2d10: Timestamp: 0x443b1261
2234c54.2d10: Machine: 0x8664 - amd64
2244c54.2d10: Timestamp: 0x443b1261
2254c54.2d10: Image Version: 10.0
2264c54.2d10: SizeOfImage: 0x1f0000 (2031616)
2274c54.2d10: Resource Dir: 0x17f000 LB 0x6f310
2284c54.2d10: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
2294c54.2d10: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
2304c54.2d10: ProductName: Microsoft® Windows® Operating System
2314c54.2d10: ProductVersion: 10.0.18362.1411
2324c54.2d10: FileVersion: 10.0.18362.1411 (WinBuild.160101.0800)
2334c54.2d10: FileDescription: NT Layer DLL
2344c54.2d10: \SystemRoot\System32\kernel32.dll:
2354c54.2d10: CreationTime: 2021-02-26T10:09:36.922809700Z
2364c54.2d10: LastWriteTime: 2021-02-26T10:09:36.938430200Z
2374c54.2d10: ChangeTime: 2021-03-26T10:06:56.117722000Z
2384c54.2d10: FileAttributes: 0x20
2394c54.2d10: Size: 0xb04b0
2404c54.2d10: NT Headers: 0xf8
2414c54.2d10: Timestamp: 0x33adb7d2
2424c54.2d10: Machine: 0x8664 - amd64
2434c54.2d10: Timestamp: 0x33adb7d2
2444c54.2d10: Image Version: 10.0
2454c54.2d10: SizeOfImage: 0xb2000 (729088)
2464c54.2d10: Resource Dir: 0xb0000 LB 0x520
2474c54.2d10: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
2484c54.2d10: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
2494c54.2d10: ProductName: Microsoft® Windows® Operating System
2504c54.2d10: ProductVersion: 10.0.18362.1350
2514c54.2d10: FileVersion: 10.0.18362.1350 (WinBuild.160101.0800)
2524c54.2d10: FileDescription: Windows NT BASE API Client DLL
2534c54.2d10: \SystemRoot\System32\KernelBase.dll:
2544c54.2d10: CreationTime: 2021-03-26T10:05:56.470737800Z
2554c54.2d10: LastWriteTime: 2021-03-26T10:05:56.533727500Z
2564c54.2d10: ChangeTime: 2021-03-27T05:40:49.104658500Z
2574c54.2d10: FileAttributes: 0x20
2584c54.2d10: Size: 0x2a5c80
2594c54.2d10: NT Headers: 0x100
2604c54.2d10: Timestamp: 0xeb8644a5
2614c54.2d10: Machine: 0x8664 - amd64
2624c54.2d10: Timestamp: 0xeb8644a5
2634c54.2d10: Image Version: 10.0
2644c54.2d10: SizeOfImage: 0x2a5000 (2772992)
2654c54.2d10: Resource Dir: 0x27f000 LB 0x548
2664c54.2d10: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
2674c54.2d10: [Raw version resource data: 0x27f0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
2684c54.2d10: ProductName: Microsoft® Windows® Operating System
2694c54.2d10: ProductVersion: 10.0.18362.1411
2704c54.2d10: FileVersion: 10.0.18362.1411 (WinBuild.160101.0800)
2714c54.2d10: FileDescription: Windows NT BASE API Client DLL
2724c54.2d10: \SystemRoot\System32\apisetschema.dll:
2734c54.2d10: CreationTime: 2019-03-19T04:43:54.837151500Z
2744c54.2d10: LastWriteTime: 2019-03-19T04:43:54.837151500Z
2754c54.2d10: ChangeTime: 2021-03-26T10:06:56.074724000Z
2764c54.2d10: FileAttributes: 0x20
2774c54.2d10: Size: 0x1d028
2784c54.2d10: NT Headers: 0xc8
2794c54.2d10: Timestamp: 0xd6ced080
2804c54.2d10: Machine: 0x8664 - amd64
2814c54.2d10: Timestamp: 0xd6ced080
2824c54.2d10: Image Version: 10.0
2834c54.2d10: SizeOfImage: 0x1e000 (122880)
2844c54.2d10: Resource Dir: 0x1d000 LB 0x408
2854c54.2d10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
2864c54.2d10: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
2874c54.2d10: ProductName: Microsoft® Windows® Operating System
2884c54.2d10: ProductVersion: 10.0.18362.1
2894c54.2d10: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
2904c54.2d10: FileDescription: ApiSet Schema DLL
2914c54.2d10: NtOpenDirectoryObject failed on \Driver: 0xc0000022
2924c54.2d10: supR3HardenedWinFindAdversaries: 0x1000
2934c54.2d10: \SystemRoot\System32\drivers\vsdatant.sys:
2944c54.2d10: CreationTime: 2020-03-12T13:29:04.000000000Z
2954c54.2d10: LastWriteTime: 2020-12-03T07:38:34.000000000Z
2964c54.2d10: ChangeTime: 2021-02-25T07:42:10.584333400Z
2974c54.2d10: FileAttributes: 0x20
2984c54.2d10: Size: 0x9b780
2994c54.2d10: NT Headers: 0x100
3004c54.2d10: Timestamp: 0x5fc7c4b8
3014c54.2d10: Machine: 0x8664 - amd64
3024c54.2d10: Timestamp: 0x5fc7c4b8
3034c54.2d10: Image Version: 10.0
3044c54.2d10: SizeOfImage: 0xc0000 (786432)
3054c54.2d10: Resource Dir: 0xbe000 LB 0x3d0
3064c54.2d10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
3074c54.2d10: [Raw version resource data: 0xbe060 LB 0x36c, codepage 0x0 (reserved 0x0)]
3084c54.2d10: ProductName: End Point Security
3094c54.2d10: ProductVersion: R80
3104c54.2d10: FileVersion: 926004505
3114c54.2d10: FileDescription: ZoneAlarm Firewalling Driver
3124c54.2d10: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
3134c54.2d10: Calling main()
3144c54.2d10: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
3154c54.2d10: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
3164c54.2d10: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
3174c54.2d10: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
3184c54.2d10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
3194c54.2d10: SUPR3HardenedMain: Respawn #2
3204c54.2d10: supR3HardNtEnableThreadCreationEx:
3214c54.2d10: supR3HardenedDllNotificationCallback: load 00007fff20570000 LB 0x0011f000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
3224c54.2d10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
3234c54.2d10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
3244c54.2d10: supR3HardenedDllNotificationCallback: load 00007fff20bb0000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
3254c54.2d10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
3264c54.2d10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
3274c54.2d10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
3284c54.2d10: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
3294c54.2d10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll)
3304c54.2d10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3314c54.2d10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3324c54.2d10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3334c54.2d10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
3344c54.2d10: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3354c54.2d10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff22320000 'C:\WINDOWS\System32\ntdll.dll'
3364c54.2d10: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fff22392040 pvNtTerminateThread=00007fff223bd7e0
3374c54.2d10: supR3HardenedWinDoReSpawn(2): New child 14b8.3bc [kernel32].
3384c54.2d10: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
3394c54.2d10: supR3HardNtChildGatherData: PebBaseAddress=0000000000ed6000 cbPeb=0x388
3404c54.2d10: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fff22320000 uNtDllChildAddr=00007fff22320000
3414c54.2d10: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fff22392040
3424c54.2d10: supR3HardenedWinSetupChildInit: Initial context:
343 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff64ab47900 rdx=0000000000ed6000
344 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
345 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
346 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
347 rip=00007fff2238d700 rsp=0000000000d7fbb8 rbp=0000000000000000 ctxflags=0010001b
348 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
349 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
350 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
351 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
352 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
3534c54.2d10: kernel32.dll: timestamp 0x33adb7d2 (rc=VINF_SUCCESS)
3544c54.2d10: supR3HardenedWinSetupChildInit: Start child.
3554c54.2d10: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
3564c54.2d10: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 29 sleeps
3574c54.2d10: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
3584c54.2d10: *0000000000000000-0000000000c3ffff 0x0001/0x0000 0x0000000
3594c54.2d10: *0000000000c40000-0000000000c5ffff 0x0004/0x0004 0x0020000
3604c54.2d10: *0000000000c60000-0000000000c7afff 0x0002/0x0002 0x0040000
3614c54.2d10: 0000000000c7b000-0000000000c7ffff 0x0001/0x0000 0x0000000
3624c54.2d10: *0000000000c80000-0000000000d7afff 0x0000/0x0004 0x0020000
3634c54.2d10: 0000000000d7b000-0000000000d7dfff 0x0104/0x0004 0x0020000
3644c54.2d10: 0000000000d7e000-0000000000d7ffff 0x0004/0x0004 0x0020000
3654c54.2d10: *0000000000d80000-0000000000d83fff 0x0002/0x0002 0x0040000
3664c54.2d10: 0000000000d84000-0000000000d8ffff 0x0001/0x0000 0x0000000
3674c54.2d10: *0000000000d90000-0000000000d91fff 0x0004/0x0004 0x0020000
3684c54.2d10: 0000000000d92000-0000000000dfffff 0x0001/0x0000 0x0000000
3694c54.2d10: *0000000000e00000-0000000000ed5fff 0x0000/0x0004 0x0020000
3704c54.2d10: 0000000000ed6000-0000000000ed8fff 0x0004/0x0004 0x0020000
3714c54.2d10: 0000000000ed9000-0000000000ffffff 0x0000/0x0004 0x0020000
3724c54.2d10: 0000000001000000-000000007ffdffff 0x0001/0x0000 0x0000000
3734c54.2d10: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
3744c54.2d10: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
3754c54.2d10: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
3764c54.2d10: 000000007fff0000-00007ff50fa2ffff 0x0001/0x0000 0x0000000
3774c54.2d10: *00007ff50fa30000-00007ff50fa30fff 0x0002/0x0002 0x0040000
3784c54.2d10: 00007ff50fa31000-00007ff50fa3ffff 0x0001/0x0000 0x0000000
3794c54.2d10: *00007ff50fa40000-00007ff50fa62fff 0x0002/0x0002 0x0040000
3804c54.2d10: 00007ff50fa63000-00007ff64ab3ffff 0x0001/0x0000 0x0000000
3814c54.2d10: *00007ff64ab40000-00007ff64ab40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3824c54.2d10: 00007ff64ab41000-00007ff64abb7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3834c54.2d10: 00007ff64abb8000-00007ff64abb8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3844c54.2d10: 00007ff64abb9000-00007ff64ac01fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3854c54.2d10: 00007ff64ac02000-00007ff64ac02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3864c54.2d10: 00007ff64ac03000-00007ff64ac03fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3874c54.2d10: 00007ff64ac04000-00007ff64ac08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3884c54.2d10: 00007ff64ac09000-00007ff64ac09fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3894c54.2d10: 00007ff64ac0a000-00007ff64ac0afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3904c54.2d10: 00007ff64ac0b000-00007ff64ac0efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3914c54.2d10: 00007ff64ac0f000-00007ff64ac57fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3924c54.2d10: 00007ff64ac58000-00007fff2231ffff 0x0001/0x0000 0x0000000
3934c54.2d10: *00007fff22320000-00007fff22320fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3944c54.2d10: 00007fff22321000-00007fff22437fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3954c54.2d10: 00007fff22438000-00007fff2247efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3964c54.2d10: 00007fff2247f000-00007fff2248afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3974c54.2d10: 00007fff2248b000-00007fff22499fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3984c54.2d10: 00007fff2249a000-00007fff2249afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
3994c54.2d10: 00007fff2249b000-00007fff2249dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4004c54.2d10: 00007fff2249e000-00007fff2250ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4014c54.2d10: 00007fff22510000-00007ffffffeffff 0x0001/0x0000 0x0000000
4024c54.2d10: VirtualBoxVM.exe: timestamp 0x5ff72a09 (rc=VINF_SUCCESS)
4034c54.2d10: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
4044c54.2d10: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
4054c54.2d10: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
4064c54.2d10: supR3HardNtChildPurify: Done after 544 ms and 0 fixes (loop #0).
40714b8.3bc: Log file opened: 6.1.18r142142 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00
40814b8.3bc: supR3HardenedVmProcessInit: uNtDllAddr=00007fff22320000 g_uNtVerCombined=0xa047bb00 (stack ~0000000000d7f648)
4094c54.2d10: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001040000 LB 0x400000)
4104c54.2d10: supR3HardNtEnableThreadCreationEx:
41114b8.3bc: ntdll.dll: timestamp 0x443b1261 (rc=VINF_SUCCESS)
41214b8.3bc: New simple heap: #1 0000000001100000 LB 0x400000 (for 2031616 allocation)
41314b8.3bc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
41414b8.3bc: System32: \Device\HarddiskVolume4\Windows\System32
41514b8.3bc: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
41614b8.3bc: KnownDllPath: C:\WINDOWS\System32
41714b8.3bc: supR3HardenedVmProcessInit: Opening vboxdrv...
41814b8.3bc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
41914b8.3bc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
42014b8.3bc: Registered Dll notification callback with NTDLL.
42114b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
42214b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
42314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
42414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1fe30000 LB 0x002a5000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
42514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
42614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
42714b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff21da0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
42814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
42914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\KERNEL32.DLL'
43014b8.3bc: supR3HardenedDllNotificationCallback: load 00007ff64ab40000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
43114b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
43214b8.3bc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
43314b8.3bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
43414b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
43514b8.3bc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fff22392040 pvNtTerminateThread=00007fff223bd7e0
4364c54.2d10: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 85 ms.
43714b8.3bc: \SystemRoot\System32\ntdll.dll:
43814b8.3bc: CreationTime: 2021-03-26T10:05:55.924577700Z
43914b8.3bc: LastWriteTime: 2021-03-26T10:05:55.965582200Z
44014b8.3bc: ChangeTime: 2021-03-27T05:40:50.307825500Z
44114b8.3bc: FileAttributes: 0x20
44214b8.3bc: Size: 0x1e8050
44314b8.3bc: NT Headers: 0xd8
44414b8.3bc: Timestamp: 0x443b1261
44514b8.3bc: Machine: 0x8664 - amd64
44614b8.3bc: Timestamp: 0x443b1261
44714b8.3bc: Image Version: 10.0
44814b8.3bc: SizeOfImage: 0x1f0000 (2031616)
44914b8.3bc: Resource Dir: 0x17f000 LB 0x6f310
45014b8.3bc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
45114b8.3bc: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
45214b8.3bc: ProductName: Microsoft® Windows® Operating System
45314b8.3bc: ProductVersion: 10.0.18362.1411
45414b8.3bc: FileVersion: 10.0.18362.1411 (WinBuild.160101.0800)
45514b8.3bc: FileDescription: NT Layer DLL
45614b8.3bc: \SystemRoot\System32\kernel32.dll:
45714b8.3bc: CreationTime: 2021-02-26T10:09:36.922809700Z
45814b8.3bc: LastWriteTime: 2021-02-26T10:09:36.938430200Z
45914b8.3bc: ChangeTime: 2021-03-26T10:06:56.117722000Z
46014b8.3bc: FileAttributes: 0x20
46114b8.3bc: Size: 0xb04b0
46214b8.3bc: NT Headers: 0xf8
46314b8.3bc: Timestamp: 0x33adb7d2
46414b8.3bc: Machine: 0x8664 - amd64
46514b8.3bc: Timestamp: 0x33adb7d2
46614b8.3bc: Image Version: 10.0
46714b8.3bc: SizeOfImage: 0xb2000 (729088)
46814b8.3bc: Resource Dir: 0xb0000 LB 0x520
46914b8.3bc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
47014b8.3bc: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
47114b8.3bc: ProductName: Microsoft® Windows® Operating System
47214b8.3bc: ProductVersion: 10.0.18362.1350
47314b8.3bc: FileVersion: 10.0.18362.1350 (WinBuild.160101.0800)
47414b8.3bc: FileDescription: Windows NT BASE API Client DLL
47514b8.3bc: \SystemRoot\System32\KernelBase.dll:
47614b8.3bc: CreationTime: 2021-03-26T10:05:56.470737800Z
47714b8.3bc: LastWriteTime: 2021-03-26T10:05:56.533727500Z
47814b8.3bc: ChangeTime: 2021-03-27T05:40:49.104658500Z
47914b8.3bc: FileAttributes: 0x20
48014b8.3bc: Size: 0x2a5c80
48114b8.3bc: NT Headers: 0x100
48214b8.3bc: Timestamp: 0xeb8644a5
48314b8.3bc: Machine: 0x8664 - amd64
48414b8.3bc: Timestamp: 0xeb8644a5
48514b8.3bc: Image Version: 10.0
48614b8.3bc: SizeOfImage: 0x2a5000 (2772992)
48714b8.3bc: Resource Dir: 0x27f000 LB 0x548
48814b8.3bc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
48914b8.3bc: [Raw version resource data: 0x27f0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
49014b8.3bc: ProductName: Microsoft® Windows® Operating System
49114b8.3bc: ProductVersion: 10.0.18362.1411
49214b8.3bc: FileVersion: 10.0.18362.1411 (WinBuild.160101.0800)
49314b8.3bc: FileDescription: Windows NT BASE API Client DLL
49414b8.3bc: \SystemRoot\System32\apisetschema.dll:
49514b8.3bc: CreationTime: 2019-03-19T04:43:54.837151500Z
49614b8.3bc: LastWriteTime: 2019-03-19T04:43:54.837151500Z
49714b8.3bc: ChangeTime: 2021-03-26T10:06:56.074724000Z
49814b8.3bc: FileAttributes: 0x20
49914b8.3bc: Size: 0x1d028
50014b8.3bc: NT Headers: 0xc8
50114b8.3bc: Timestamp: 0xd6ced080
50214b8.3bc: Machine: 0x8664 - amd64
50314b8.3bc: Timestamp: 0xd6ced080
50414b8.3bc: Image Version: 10.0
50514b8.3bc: SizeOfImage: 0x1e000 (122880)
50614b8.3bc: Resource Dir: 0x1d000 LB 0x408
50714b8.3bc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
50814b8.3bc: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
50914b8.3bc: ProductName: Microsoft® Windows® Operating System
51014b8.3bc: ProductVersion: 10.0.18362.1
51114b8.3bc: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
51214b8.3bc: FileDescription: ApiSet Schema DLL
51314b8.3bc: NtOpenDirectoryObject failed on \Driver: 0xc0000022
51414b8.3bc: supR3HardenedWinFindAdversaries: 0x1000
51514b8.3bc: \SystemRoot\System32\drivers\vsdatant.sys:
51614b8.3bc: CreationTime: 2020-03-12T13:29:04.000000000Z
51714b8.3bc: LastWriteTime: 2020-12-03T07:38:34.000000000Z
51814b8.3bc: ChangeTime: 2021-02-25T07:42:10.584333400Z
51914b8.3bc: FileAttributes: 0x20
52014b8.3bc: Size: 0x9b780
52114b8.3bc: NT Headers: 0x100
52214b8.3bc: Timestamp: 0x5fc7c4b8
52314b8.3bc: Machine: 0x8664 - amd64
52414b8.3bc: Timestamp: 0x5fc7c4b8
52514b8.3bc: Image Version: 10.0
52614b8.3bc: SizeOfImage: 0xc0000 (786432)
52714b8.3bc: Resource Dir: 0xbe000 LB 0x3d0
52814b8.3bc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
52914b8.3bc: [Raw version resource data: 0xbe060 LB 0x36c, codepage 0x0 (reserved 0x0)]
53014b8.3bc: ProductName: End Point Security
53114b8.3bc: ProductVersion: R80
53214b8.3bc: FileVersion: 926004505
53314b8.3bc: FileDescription: ZoneAlarm Firewalling Driver
53414b8.3bc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
53514b8.3bc: Calling main()
53614b8.3bc: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
53714b8.3bc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
53814b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
53914b8.3bc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
54014b8.3bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
54114b8.3bc: SUPR3HardenedMain: Final process, opening VBoxDrv...
54214b8.3bc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001100000 LB 0x400000)
54314b8.3bc: supR3HardNtEnableThreadCreationEx:
54414b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll: Signature #1/2: info status: 24202
54514b8.3bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
54614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
54714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
54814b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
54914b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1ae80000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
55014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
55114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
55214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
55314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1ae80000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
55414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
55514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
55614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1ae80000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
55714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1ae80000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
55814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
55914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
56014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
56114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
56214b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
56314b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
56414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
56514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
56614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
56714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
56814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
56914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
57014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'msasn1.dll'.
57114b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
57214b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
57314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
57414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
57514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
57614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
57714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
57814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
57914b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
58014b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
58114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
58214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
58314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
58414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
58514b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff21a20000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
58614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
58714b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f250000 LB 0x00012000 C:\WINDOWS\System32\MSASN1.dll [fFlags=0x0]
58814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
58914b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1fd30000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
59014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll)
59114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll
59214b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f3c0000 LB 0x00151000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
59314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
59414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20570000 LB 0x0011f000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
59514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
59614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f520000 LB 0x0005c000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
59714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
59814b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
59914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
60014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
60114b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
60214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
60314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-fibers-l1-1-1'
60414b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
60514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
60614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-fibers-l1-1-1'
60714b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
60814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
60914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
61014b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
61114b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
61214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-l1-2-1'
61314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f520000 'C:\WINDOWS\system32\Wintrust.dll'
61414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
61514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
61614b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
61714b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff201e0000 LB 0x00026000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
61814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
61914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff201e0000 'C:\WINDOWS\system32\bcrypt.dll'
62014b8.3bc: bcrypt.dll loaded at 00007fff201e0000, BCryptOpenAlgorithmProvider at 00007fff201e4c70, preloading providers:
62114b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
62214b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
62314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
62414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f290000 LB 0x00081000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
62514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
62614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f290000 'C:\WINDOWS\system32\bcryptprimitives.dll'
62714b8.3bc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000169db80)
62814b8.3bc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000016a0de0)
62914b8.3bc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000016a10e0)
63014b8.3bc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000016a13e0)
63114b8.3bc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000016a16e0)
63214b8.3bc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000016a19e0)
63314b8.3bc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000016a1ce0)
63414b8.3bc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000016a1fe0)
63514b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20210000 LB 0x00017000 C:\WINDOWS\System32\CRYPTSP.dll [fFlags=0x0]
63614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
63714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
63814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
63914b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
64014b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
64114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
64214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
64314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
64414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
64514b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
64614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1e2b0000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
64714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
64814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
64914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
65014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
65114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
65214b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1e8a0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
65314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
65414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
65514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
65614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
65714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
65814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
65914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
66014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
66114b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
66214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f520000 'C:\WINDOWS\System32\WINTRUST.DLL'
66314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
66414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
66514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\CRYPT32.dll'
66614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20b30000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
66714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
66814b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
66914b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
67014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
67114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
67214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
67314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
67414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
67514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
67614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20bb0000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
67714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
67814b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
67914b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
68014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
68114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
68214b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
68314b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
68414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1db70000 LB 0x00022000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
68514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
68614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f230000 LB 0x0001e000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
68714b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
68814b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
68914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
69014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
69114b8.3bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
69214b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
69314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
69414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
69514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
69614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
69714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
69814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
69914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
70014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
70114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
70214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
70314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
70414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
70514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
70614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
70714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
70814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
70914b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
71014b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffef27c0000 LB 0x0002f000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
71114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
71214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
71314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
71414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
71514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
71614b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
71714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
71814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
71914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
72014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
72114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
72214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
72314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
72414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
72514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
72614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
72714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
72814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
72914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
73014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
73114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
73214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
73314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
73414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
73514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
73614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
73714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
73814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
73914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
74014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\WINDOWS\System32\cryptnet.dll'
74114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
74214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef27c0000 'C:\Windows\System32\cryptnet.dll'
74314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
74414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
74514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20570000 'C:\WINDOWS\System32\rpcrt4.dll'
74614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20770000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
74714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
74814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
74914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
75014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
75114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
75214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
75314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
75414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
75514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
75614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
75714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
75814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
75914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
76014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
76114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
76214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
76314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
76414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
76514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
76614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
76714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
76814b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000016ab960
76914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
77014b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=79A6564454A63C725F9D1681D29B70D885092AA5
77114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
77214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
77314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
77414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
77514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
77614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
77714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\SystemRoot\System32\ntdll.dll'
77814b8.3bc: g_pfnWinVerifyTrust=00007fff1f521d30
77914b8.3bc: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
78014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
78114b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
78214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
78314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
78414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
78514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
78614b8.3bc: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
78714b8.3bc: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
78814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
78914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
79014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
79114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
79214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
79314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
79414b8.3bc: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
79514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
79614b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
79714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
79814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
79914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
80014b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a8 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
80114b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
80214b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
80314b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
80414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
80514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
80614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
80714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
80814b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
80914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
81014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
81114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
81214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
81314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
81414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
81514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
81614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
81714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
81814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
81914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
82014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
82114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
82214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
82314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
82414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
82514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
82614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
82714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
82814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
82914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
83014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
83114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
83214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
83314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
83414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
83514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
83614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
83714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
83814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
83914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
84014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
84114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
84214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
84314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
84414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
84514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
84614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
84714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
84814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
84914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll'
85014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
85114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
85214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
85314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
85414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
85514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
85614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
85714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
85814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
85914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
86014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
86114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
86214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
86314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
86414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
86514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
86614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
86714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
86814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
86914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\system32\crypt32.dll'
87014b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xd10babf5477e30ac CN=NBW06019.eurofunk.com
87114b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
87214b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
87314b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
87414b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
87514b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
87614b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
87714b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x68b88d6a298bd700 CN=T1AEF-ROOTCA
87814b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
87914b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
88014b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
88114b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
88214b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
88314b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
88414b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
88514b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
88614b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
88714b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
88814b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
88914b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
89014b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2
89114b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
89214b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
89314b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
89414b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
89514b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc6536f24d57ae723 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
89614b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
89714b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
89814b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x1591b8ac8dcabd00 C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
89914b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
90014b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
90114b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
90214b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
90314b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
90414b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
90514b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
90614b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
90714b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
90814b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
90914b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
91014b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
91114b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
91214b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
91314b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
91414b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
91514b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
91614b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
91714b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
91814b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
91914b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
92014b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3b2a6f973b859500 CN=Atos TrustedRoot 2011, O=Atos, C=DE
92114b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
92214b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
92314b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
92414b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
92514b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
92614b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
92714b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
92814b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf9da14c6e464a000 C=AT, ST=Tirol, L=Telfs, O=Consens Zeiterfassung, OU=Consens Zeiterfassung, CN=CONSENS
92914b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x9a00e81eeca7c100 DC=com, DC=eurofunk, CN=eurofunk Kappacher CA
93014b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x113ab3eb3b0bdc00 CN=EF-DEV-ROOTCA01
93114b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0xcdd31f8cf2afd700 CN=WSUS Publishers Self-signed
93214b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x9a00e81eeca7c100 DC=com, DC=eurofunk, CN=eurofunk Kappacher CA
93314b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x9a00e81eeca7c100 DC=com, DC=eurofunk, CN=eurofunk Kappacher CA
93414b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3c38c1f784c4f100 CN=EUROFUNKRCA
93514b8.3bc: supR3HardenedWinIsDesiredRootCA: Adding 0x9a00e81eeca7c100 DC=com, DC=eurofunk, CN=eurofunk Kappacher CA
93614b8.3bc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=66
93714b8.3bc: SUPR3HardenedMain: Load Runtime...
93814b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
93914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
94014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
94114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
94214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
94314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
94414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
94514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
94614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
94714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
94814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
94914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
95014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
95114b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) WinVerifyTrust
95214b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
95314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
95414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
95514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
95614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
95714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
95814b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
95914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
96014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
96114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
96214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
96314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
96414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
96514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
96614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
96714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
96814b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
96914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
97014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
97114b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
97214b8.3bc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
97314b8.3bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
97414b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
97514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
97614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
97714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
97814b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
97914b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
98014b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
98114b8.3bc: supR3HardenedDllNotificationCallback: load 00000000651e0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
98214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
98314b8.3bc: supR3HardenedDllNotificationCallback: load 0000000064660000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
98414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
98514b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff208f0000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
98614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
98714b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffeb6fb0000 LB 0x005e1000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
98814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
98914b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
99014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
99114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
99214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
99314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
99414b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
99514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
99614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
99714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
99814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
99914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
100014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
100114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
100214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
100314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
100414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
100514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
100614b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
100714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
100814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
100914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
101014b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
101114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
101214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
101314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
101414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
101514b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
101614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
101714b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
101814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
101914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
102014b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
102114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
102214b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
102314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
102414b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
102514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
102614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
102714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
102814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
102914b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
103014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
103114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
103214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
103314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
103414b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
103514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
103614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
103714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
103814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
103914b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
104014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
104114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
104214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
104314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
104414b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
104514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
104614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
104714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
104814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
104914b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
105014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
105114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
105214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
105314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
105414b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
105514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
105614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
105714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
105814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
105914b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
106014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
106114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
106214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
106314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
106414b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
106514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
106614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
106714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
106814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
106914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
107014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
107114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
107214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
107314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
107414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
107514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
107614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
107714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
107814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
107914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
108014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
108114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
108214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
108314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
108414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
108514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
108614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
108714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
108814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
108914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
109014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
109114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
109214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
109314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
109414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
109514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
109614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
109714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
109814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
109914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
110014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
110114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
110214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
110314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
110414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
110514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
110614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
110714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
110814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
110914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
111014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
111114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
111214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
111314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
111414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
111514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
111614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
111714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
111814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
111914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
112014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
112114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
112214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
112314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
112414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
112514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
112614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
112714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
112814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
112914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
113014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
113114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
113214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
113314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
113414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
113514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
113614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
113714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
113814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
113914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
114014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
114114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
114214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
114314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
114414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
114514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
114614b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
114714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
114814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
114914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
115014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
115114b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
115214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
115314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
115414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
115514b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
115614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
115714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
115814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
115914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
116014b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
116114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
116214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
116414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
116514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6fb0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
116614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
116714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'
116814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll
116914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
117014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f520000 'C:\WINDOWS\system32\Wintrust.dll'
117114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
117214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
117314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
117414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
117514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
117614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
117714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\system32\crypt32.dll'
117814b8.3bc: SUPR3HardenedMain: Load TrustedMain...
117914b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
118014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
118114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
118214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
118314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
118414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
118514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
118614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
118714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
118814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
118914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
119014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
119114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
119214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
119314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
119414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
119514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
119614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
119714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
119814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
119914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
120014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
120114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
120214b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) WinVerifyTrust
120314b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
120414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
120514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
120614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
120714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
120814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
120914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
121014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
121114b8.3bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
121214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
121314b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
121414b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
121514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
121614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
121714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
121814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
121914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
122014b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
122114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
122214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
122314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
122414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
122514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) WinVerifyTrust
122614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
122714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
122814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
122914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
123014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
123114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
123214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
123314b8.3bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
123414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
123514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'bcryptprimitives.dll'.
123614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
123714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
123814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
123914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
124014b8.3bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
124114b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll)
124214b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
124314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
124414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
124514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
124614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
124714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
124814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
124914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
125014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
125114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
125214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
125314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
125414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) WinVerifyTrust
125514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
125614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
125714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
125814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
125914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
126014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
126114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
126214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
126314b8.3bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
126414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
126514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
126614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
126714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
126814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
126914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
127014b8.3bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
127114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
127214b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
127314b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
127414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
127514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
127614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
127714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
127814b8.3bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
127914b8.3bc: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports
128014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll)
128114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll
128214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
128314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
128414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
128514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
128614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
128714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
128814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
128914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
129014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
129114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
129214b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) WinVerifyTrust
129314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
129414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
129514b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
129614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
129714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
129814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
129914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
130014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
130114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
130214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
130314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
130414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
130514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
130614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
130714b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
130814b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
130914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
131014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
131114b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
131214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
131314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
131414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
131514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
131614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
131714b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
131814b8.3bc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
131914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
132014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
132114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
132214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
132314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
132414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
132514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
132614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
132714b8.3bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
132814b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
132914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
133014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
133114b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
133214b8.3bc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
133314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
133414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
133514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
133614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
133714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
133814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
133914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
134014b8.3bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
134114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
134214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
134314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
134414b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
134514b8.3bc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
134614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
134714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
134814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
134914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
135014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
135114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
135214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
135314b8.3bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
135414b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
135514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
135614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
135714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
135814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
135914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
136014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
136114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
136214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
136314b8.3bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
136414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
136514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
136614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
136714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
136814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
136914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
137014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
137114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
137214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
137314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
137414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
137514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
137614b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
137714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
137814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
137914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
138014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
138114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
138214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
138314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
138414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
138514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
138614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
138714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
138814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
138914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
139014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
139114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
139214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
139314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
139414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
139514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
139614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
139714b8.3bc: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
139814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
139914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
140014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
140114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
140214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
140314b8.3bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
140414b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
140514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
140614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
140714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
140814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
140914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
141014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
141114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
141214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
141314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
141414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
141514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
141614b8.3bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
141714b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll)
141814b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll
141914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
142014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
142114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
142214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
142314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
142414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
142514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
142614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
142714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
142814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
142914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
143014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
143114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
143214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
143314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
143414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
143514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
143614b8.3bc: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
143714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
143814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
143914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
144014b8.3bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
144114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
144214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
144314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
144414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
144514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
144614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
144714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
144814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
144914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
145014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
145114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
145214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
145314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
145414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
145514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
145614b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
145714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
145814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
145914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
146014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
146114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
146214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
146314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
146414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
146514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
146614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
146714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
146814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
146914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
147014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
147114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
147214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
147314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
147414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
147514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
147614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
147714b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
147814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
147914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
148014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
148114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
148214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
148314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
148414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
148514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
148614b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
148714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
148814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
148914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
149014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
149114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
149214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
149314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
149414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
149514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
149614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
149714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
149814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
149914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
150014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
150114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
150214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
150314b8.3bc: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
150414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
150514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
150614b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
150714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
150814b8.3bc: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
150914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
151014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
151114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
151214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
151314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
151414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
151514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
151614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
151714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
151814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
151914b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
152014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
152114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
152214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
152314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
152414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
152514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
152614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
152714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
152814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
152914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
153014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
153114b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
153214b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
153314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
153414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
153514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
153614b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
153714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
153814b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
153914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
154014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
154114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
154214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
154314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
154414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
154514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
154614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
154714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
154814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
154914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
155014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
155114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
155214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
155314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
155414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
155514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
155614b8.3bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
155714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
155814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
155914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
156014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
156114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
156214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
156314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
156414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
156514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
156614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
156714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
156814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
156914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.1377.cat'; file='\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
157014b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
157114b8.3bc: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
157214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
157314b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
157414b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
157514b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
157614b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
157714b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
157814b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
157914b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
158014b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
158114b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
158214b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
158314b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
158414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
158514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
158614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DXCore.dll)
158714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DXCore.dll
158814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f580000 LB 0x00021000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
158914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
159014b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f320000 LB 0x0009e000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
159114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
159214b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20230000 LB 0x00198000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
159314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
159414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
159514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
159614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
159714b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32full.dll)
159814b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32full.dll
159914b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20a40000 LB 0x00026000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
160014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
160114b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff203d0000 LB 0x00194000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
160214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [avoiding WinVerifyTrust]
160314b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20f40000 LB 0x00336000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
160414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
160514b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff200e0000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
160614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
160714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
160814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1dcd0000 LB 0x00020000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0]
160914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
161014b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffee4250000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
161114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
161214b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffee3210000 LB 0x00156000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
161314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
161414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20a80000 LB 0x000a7000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
161514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
161614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'.
161714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
161814b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
161914b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
162014b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f1d0000 LB 0x00010000 C:\WINDOWS\System32\UMPDC.dll [fFlags=0x0]
162114b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\umpdc.dll)
162214b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\umpdc.dll
162314b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f1e0000 LB 0x0004a000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
162414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
162514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'umpdc.dll'.
162614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll)
162714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
162814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20710000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
162914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
163014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
163114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
163214b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
163314b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
163414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f270000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
163514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
163614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
163714b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
163814b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
163914b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f5b0000 LB 0x0077b000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
164014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
164114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
164214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'.
164314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'.
164414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll)
164514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll
164614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff21330000 LB 0x006e8000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
164714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
164814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff21ac0000 LB 0x00157000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
164914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
165014b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffeeefe0000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
165114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
165214b8.3bc: supR3HardenedDllNotificationCallback: load 0000000064c70000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
165314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
165414b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffebc310000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
165514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
165614b8.3bc: supR3HardenedDllNotificationCallback: load 0000000064700000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
165714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
165814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20820000 LB 0x000c5000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
165914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
166014b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffeb75a0000 LB 0x02317000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
166114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
166214b8.3bc: supR3HardenedDllNotificationCallback: load 00000000645e0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
166314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
166414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1c660000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
166514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
166614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1c690000 LB 0x00024000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
166714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
166814b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffebbb20000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
166914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
167014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
167114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
167214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
167314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
167414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
167514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
167614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
167714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
167814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
167914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
168014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
168114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
168214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
168314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
168414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
168514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
168614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
168714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
168814b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
168914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
169014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
169114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
169214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
169314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
169414b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
169514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
169614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
169714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
169814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
169914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
170014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
170114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
170214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
170314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
170414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
170514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
170614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
170714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
170814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
170914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
171014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
171114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
171214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
171314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
171414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
171514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
171614b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
171714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
171814b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
171914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
172014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
172114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
172214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
172314b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
172414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
172514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
172614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
172714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
172814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
172914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
173014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
173114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
173214b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
173314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
173414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
173514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
173614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
173714b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
173814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
173914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
174014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'umpdc.dll'...
174114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'umpdc.dll' -> '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rcNtRedir=0xc0150008]
174214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\umpdc.dll [redoing WinVerifyTrust]
174314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
174414b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\umpdc.dll
174514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
174614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
174714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
174814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
174914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
175014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
175114b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
175214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
175314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
175414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
175514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
175614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
175714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
175814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
175914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
176014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
176114b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
176214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
176314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
176414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
176514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
176614b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
176714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
176814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
176914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
177014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
177114b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
177214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
177314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
177414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
177514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
177614b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
177714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
177814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
177914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
178014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
178114b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
178214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
178314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
178414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
178514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
178614b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
178714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
178814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
178914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
179014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
179114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
179214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
179314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
179414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
179514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
179614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
179714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
179814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
179914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
180014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
180114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
180214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
180314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
180414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
180514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
180614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
180714b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
180814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
180914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
181014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
181114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
181214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
181314b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
181414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
181514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
181614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
181714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
181814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
181914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
182014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
182114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
182214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
182314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
182414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
182514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
182614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
182714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
182814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
182914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
183014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
183114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
183214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
183314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
183414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
183514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
183614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
183714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
183814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
183914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
184014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
184114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
184214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
184314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
184414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
184514b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
184614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
184714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
184814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
184914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
185014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
185114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
185214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
185314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
185414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
185514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
185614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
185714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
185814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
185914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
186014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
186114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
186214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
186314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
186414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
186514b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
186614b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
186714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-string-l1-1-0'
186814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
186914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
187014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
187114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
187214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
187314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
187414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
187514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
187614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
187714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
187814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
187914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
188014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
188114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
188214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
188314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
188414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
188514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
188614b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
188714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
188814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
188914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
189014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
189114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
189214b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
189314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
189414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
189514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
189614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
189714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
189814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
189914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
190014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
190114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
190214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
190314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
190414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
190514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
190614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
190714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
190814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
190914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
191014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
191114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
191214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
191314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
191414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
191514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
191614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
191714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
191814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
191914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
192014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
192114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
192214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
192314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
192414b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
192514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
192614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
192714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
192814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
192914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
193014b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
193114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
193214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
193314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
193414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
193514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
193614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
193714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
193814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
193914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
194014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
194114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
194214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
194314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
194414b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
194514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
194614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-datetime-l1-1-1'
194714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
194814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
194914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
195014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
195114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
195214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
195314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
195414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
195514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
195614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
195714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
195814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
195914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
196014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
196114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
196214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
196314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
196414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
196514b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
196614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
196714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
196814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
196914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
197014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
197114b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
197214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
197314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
197414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
197514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
197614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
197714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
197814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
197914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
198014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
198114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
198214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
198314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
198414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
198514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
198614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
198714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
198814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
198914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
199014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
199114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
199214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
199314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
199414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
199514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
199614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
199714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
199814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
199914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
200014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
200114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
200214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
200314b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
200414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
200514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
200614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
200714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
200814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
200914b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
201014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
201114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
201214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
201314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
201414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
201514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
201614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
201714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
201814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
201914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
202014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
202114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
202214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
202314b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
202414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
202514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-obsolete-l1-2-0'
202614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
202714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
202814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
202914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
203014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
203114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
203214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
203314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
203414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
203514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
203614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
203714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
203814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
203914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
204014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
204114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
204214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
204314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
204414b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
204514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
204614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
204714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
204814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
204914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
205014b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
205114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
205214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
205314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
205414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
205514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
205614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
205714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
205814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
205914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
206014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
206114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
206214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
206314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
206414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
206514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
206614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
206714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
206814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
206914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
207014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
207114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
207214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
207314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
207414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
207514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
207614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
207714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
207814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
207914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
208014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
208114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
208214b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
208314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
208414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
208514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
208614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
208714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
208814b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
208914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
209014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
209114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
209214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
209314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
209414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
209514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
209614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
209714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
209814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
209914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
210014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
210114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
210214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
210314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
210414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
210514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
210614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
210714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
210814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
210914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
211014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
211114b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
211214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
211314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
211414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
211514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
211614b8.3bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
211714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
211814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff21d70000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
211914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
212014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21d70000 'C:\WINDOWS\system32\IMM32.DLL'
212114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
212214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
212314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
212414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
212514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
212614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
212714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
212814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
212914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
213014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
213114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
213214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
213314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
213414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
213514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
213614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
213714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
213814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
213914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
214014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
214114b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
214214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
214314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
214414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
214514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
214614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
214714b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
214814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
214914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
215014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
215114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
215214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
215314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
215414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
215514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
215614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
215714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
215814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
215914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
216014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
216114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
216214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
216314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
216414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
216514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
216614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
216714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
216814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
216914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
217014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
217114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
217214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
217314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
217414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
217514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
217614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
217714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
217814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
217914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
218014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
218114b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
218214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
218314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
218414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
218514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
218614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
218714b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
218814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
218914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
219014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
219114b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
219214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
219314b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
219414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
219514b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
219614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
219714b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
219814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
219914b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
220014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
220114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
220214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
220314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20770000 'C:\WINDOWS\System32\ADVAPI32.DLL'
220414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
220514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
220614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
220714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
220814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
220914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
221014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
221114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
221214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
221314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
221414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
221514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
221614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
221714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
221814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
221914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
222014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
222114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
222214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
222314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
222414b8.3bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
222514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
222614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
222714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
222814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
222914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
223014b8.3bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
223114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
223214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
223314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
223414b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
223514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
223614b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
223714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
223814b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
223914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
224014b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
224114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
224214b8.3bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
224314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
224414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebbb20000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
224514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
224614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
224714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
224814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
224914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
225014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'
225114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
225214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
225314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'
225414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
225514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
225614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'
225714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
225814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
225914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'
226014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
226114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
226214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'
226314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
226414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
226514b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'
226614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
226714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
226814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'
226914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
227014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
227114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'
227214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
227314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
227414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'
227514b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d0 pwszName=\Device\HarddiskVolume4\Windows\System32\glu32.dll
227614b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
227714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
227814b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
227914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
228014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
228114b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.1377.cat'; file='\Device\HarddiskVolume4\Windows\System32\glu32.dll'
228214b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
228314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll'
228414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
228514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
228614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll'
228714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
228814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
228914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll'
229014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
229114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
229214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
229314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
229414b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll'
229514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
229614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
229714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
229814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
229914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
230014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
230114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
230214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
230314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'
230414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
230514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
230614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\combase.dll'
230714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
230814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
230914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
231014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
231114b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'
231214b8.3bc: SUPR3HardenedMain: Calling TrustedMain (00007ffebbb216c0)...
231314b8.3bc: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll: Signature #1/2: info status: 24202
231414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
231514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
231614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
231714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
231814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
231914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
232014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
232114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
232214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
232314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
232414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
232514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
232614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
232714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
232814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
232914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
233014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
233114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
233214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
233314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
233414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
233514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
233614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
233714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
233814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
233914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
234014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
234114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
234214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
234314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
234414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
234514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
234614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
234714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
234814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
234914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
235014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll
235114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
235214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
235314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
235414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
235514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
235614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
235714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
235814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
235914b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
236014b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffec5ad0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
236114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
236214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffec5ad0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
236314b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000006d4 pwszName=\Device\HarddiskVolume4\Windows\System32\uxtheme.dll
236414b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
236514b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
236614b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FC4075B94E896B3CAA9912F5E86E9C45EF536E1D
236714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
236814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
236914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\uxtheme.dll'
237014b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
237114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
237214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
237314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
237414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) WinVerifyTrust
237514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
237614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
237714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
237814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
237914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
238014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
238114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
238214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
238314b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
238414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1c8b0000 LB 0x00099000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
238514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
238614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c8b0000 'C:\WINDOWS\system32\uxtheme.dll'
238714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff203d0000 'C:\WINDOWS\system32\user32.dll'
238814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
238914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
239014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21330000 'C:\WINDOWS\system32\shell32.dll'
239114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
239214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
239314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20a80000 'C:\WINDOWS\system32\SHCore.dll'
239414b8.3bc: \Device\HarddiskVolume4\Windows\System32\wintab32.dll: Owner is administrators group.
239514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
239614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
239714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'wtsapi32.dll'.
239814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mpr.dll'.
239914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
240014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
240114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'.
240214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
240314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
240414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintab32.dll) WinVerifyTrust
240514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintab32.dll
240614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
240714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
240814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
240914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
241014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
241114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
241214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
241314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
241414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
241514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
241614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
241714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
241814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
241914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
242014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
242114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
242214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
242314b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll
242414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wtsapi32.dll'...
242514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wtsapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\wtsapi32.dll' [rcNtRedir=0xc0150008]
242614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
242714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
242814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
242914b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wtsapi32.dll) WinVerifyTrust
243014b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wtsapi32.dll
243114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
243214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
243314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
243414b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintab32.dll
243514b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wtsapi32.dll
243614b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1c4e0000 LB 0x00013000 C:\WINDOWS\SYSTEM32\WTSAPI32.dll [fFlags=0x0]
243714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wtsapi32.dll
243814b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffebc0b0000 LB 0x0025e000 C:\WINDOWS\system32\wintab32.dll [fFlags=0x0]
243914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintab32.dll
244014b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
244114b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
244214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
244314b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
244414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
244514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-fibers-l1-1-1'
244614b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
244714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
244814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
244914b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
245014b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
245114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-fibers-l1-1-1'
245214b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
245314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
245414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-l1-2-1'
245514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
245614b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
245714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
245814b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
245914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
246014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-string-l1-1-0'
246114b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
246214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
246314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-datetime-l1-1-1'
246414b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
246514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
246614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-obsolete-l1-2-0'
246714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebc0b0000 'C:\WINDOWS\system32\wintab32.dll'
246814b8.3bc: Error (rc=0):
246914b8.3bc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Wacom_Tablet.dll
247014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
247114b8.3bc: Error (rc=0):
247214b8.3bc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Pen_Tablet.dll
247314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
247414b8.3bc: Error (rc=0):
247514b8.3bc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\ISD_Tablet.dll
247614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
247714b8.3bc: Error (rc=0):
247814b8.3bc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Wacom_Tablet.dll
247914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
248014b8.3bc: Error (rc=0):
248114b8.3bc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Pen_Tablet.dll
248214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
248314b8.3bc: Error (rc=0):
248414b8.3bc: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\ISD_Tablet.dll
248514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
248614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff203d0000 'C:\WINDOWS\system32\user32.dll'
248714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
248814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
248914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\system32\winmm.dll'
249014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
249114b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
249214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\system32\winmm.dll'
249314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
249414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
249514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21330000 'C:\WINDOWS\system32\shell32.dll'
249614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
249714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
249814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c8b0000 'C:\WINDOWS\system32\uxtheme.dll'
249914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
250014b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
250114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20770000 'C:\WINDOWS\system32\advapi32.dll'
250214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
250314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
250414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
250514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'profapi.dll'.
250614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll) WinVerifyTrust
250714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
250814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
250914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
251014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
251114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
251214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
251314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
251414b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
251514b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1f0f0000 LB 0x00025000 C:\WINDOWS\system32\userenv.dll [fFlags=0x0]
251614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
251714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f0f0000 'C:\WINDOWS\system32\userenv.dll'
251814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
251914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
252014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
252114b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff21280000 LB 0x000a2000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
252214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
252314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
252414b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll)
252514b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll
252614b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
252714b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
252814b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
252914b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
253014b8.2bf0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
253114b8.2bf0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
253214b8.2bf0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\clbcatq.dll'
253314b8.2bf0: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll: Signature #1/2: info status: 24202
253414b8.2bf0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
253514b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
253614b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
253714b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
253814b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
253914b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
254014b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
254114b8.2bf0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
254214b8.2bf0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
254314b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
254414b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
254514b8.2bf0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
254614b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
254714b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
254814b8.2bf0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
254914b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
255014b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
255114b8.2bf0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
255214b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
255314b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
255414b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
255514b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
255614b8.2bf0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
255714b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
255814b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
255914b8.2bf0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
256014b8.2bf0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
256114b8.2bf0: supR3HardenedDllNotificationCallback: load 00007ffebbcf0000 LB 0x003c0000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
256214b8.2bf0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
256314b8.2bf0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebbcf0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
256414b8.2bf0: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll: Signature #1/2: info status: 24202
256514b8.2bf0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
256614b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
256714b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
256814b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
256914b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
257014b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
257114b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
257214b8.2bf0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
257314b8.2bf0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
257414b8.2bf0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
257514b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
257614b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
257714b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
257814b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
257914b8.2bf0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
258014b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
258114b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
258214b8.2bf0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
258314b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
258414b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
258514b8.2bf0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
258614b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
258714b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
258814b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
258914b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
259014b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
259114b8.2bf0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
259214b8.2bf0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
259314b8.2bf0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
259414b8.2bf0: supR3HardenedDllNotificationCallback: load 00007ffebdaa0000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
259514b8.2bf0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
259614b8.2bf0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebdaa0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
259714b8.2bf0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
259814b8.2bf0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
259914b8.2bf0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20820000 'C:\Windows\System32\oleaut32.dll'
260014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20a40000 'C:\WINDOWS\system32\gdi32.dll'
260114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
260214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
260314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21330000 'C:\WINDOWS\system32\shell32.dll'
260414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
260514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
260614b8.3bc: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
260714b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll) WinVerifyTrust
260814b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll
260914b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
261014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff22320000 'C:\WINDOWS\System32\ntdll.dll'
261114b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff20c50000 LB 0x00135000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
261214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
261314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
261414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'.
261514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
261614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'.
261714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'.
261814b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
261914b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
262014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
262114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
262214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
262314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
262414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll
262514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
262614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
262714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
262814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
262914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
263014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
263114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
263214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
263314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
263414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
263514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
263614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll'
263714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000990 pwszName=\Device\HarddiskVolume4\Windows\System32\DataExchange.dll
263814b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
263914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
264014b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C9B0BE701CDD3934C4537BC9090BB23A9DABB80B
264114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
264214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
264314b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\DataExchange.dll'
264414b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
264514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
264614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
264714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'combase.dll'.
264814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'd3d11.dll'.
264914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dcomp.dll'.
265014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll) WinVerifyTrust
265114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
265214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
265314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
265414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
265514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
265614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
265714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
265814b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll) WinVerifyTrust
265914b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll
266014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
266114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
266214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
266314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
266414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
266514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
266614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
266714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll
266814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
266914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
267014b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
267114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
267214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
267314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'dxgi.dll'.
267414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'.
267514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll) WinVerifyTrust
267614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll
267714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
267814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
267914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
268014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
268114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
268214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
268314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
268414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
268514b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
268614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
268714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
268814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll
268914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
269014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
269114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
269214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
269314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
269414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
269514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll) WinVerifyTrust
269614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll
269714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
269814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
269914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
270014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
270114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
270214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
270314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
270414b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
270514b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
270614b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
270714b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll
270814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1dd60000 LB 0x000eb000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
270914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll
271014b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1b630000 LB 0x0025b000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
271114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
271214b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1bcf0000 LB 0x001dd000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
271314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
271414b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffee4330000 LB 0x0003b000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
271514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
271614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20a40000 'C:\WINDOWS\System32\gdi32.dll'
271714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffee4330000 'C:\WINDOWS\system32\dataexchange.dll'
271814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'.
271914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
272014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
272114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'msvcp_win.dll'.
272214b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll)
272314b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll
272414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
272514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
272614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rmclient.dll)
272714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rmclient.dll
272814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1ced0000 LB 0x00029000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0]
272914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
273014b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1cac0000 LB 0x0025a000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
273114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
273214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
273314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
273414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
273514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
273614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
273714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
273814b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
273914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
274014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
274114b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
274214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
274314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
274414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
274514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume4\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
274614b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
274714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
274814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
274914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rmclient.dll'
275014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
275114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
275214b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll'
275314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
275414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
275514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20a80000 'C:\WINDOWS\system32\Shcore.dll'
275614b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
275714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
275814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'.
275914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'.
276014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll)
276114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
276214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
276314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
276414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'.
276514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll)
276614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
276714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
276814b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll)
276914b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
277014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntmarta.dll)
277114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntmarta.dll
277214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
277314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
277414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
277514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll)
277614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll
277714b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1dc60000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
277814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
277914b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff1c240000 LB 0x000d4000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
278014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
278114b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff19d80000 LB 0x00152000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
278214b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
278314b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff19fb0000 LB 0x0032a000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
278414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
278514b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff0bbe0000 LB 0x0009d000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0]
278614b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
278714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
278814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
278914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
279014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
279114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
279214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
279314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
279414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
279514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
279614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
279714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
279814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
279914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
280014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
280114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
280214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
280314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
280414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
280514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
280614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
280714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
280814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
280914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
281014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
281114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
281214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
281314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
281414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
281514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
281614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
281714b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\WinTypes.dll'
281814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
281914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
282014b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ntmarta.dll'
282114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
282214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
282314b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll'
282414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
282514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
282614b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll'
282714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
282814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
282914b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll'
283014b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
283114b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
283214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff203d0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
283314b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
283414b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
283514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff203d0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
283614b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
283714b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
283814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20f40000 'api-ms-win-core-com-l1-1-0.dll'
283914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
284014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\iertutil.dll)
284114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\iertutil.dll
284214b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff09be0000 LB 0x002a7000 C:\WINDOWS\System32\iertutil.dll [fFlags=0x0]
284314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\iertutil.dll [avoiding WinVerifyTrust]
284414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
284514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
284614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
284714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
284814b8.3bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\iertutil.dll'
284914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
285014b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
285114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20c50000 'C:\WINDOWS\System32\MSCTF.dll'
285214b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000acc pwszName=\Device\HarddiskVolume4\Windows\System32\oleacc.dll
285314b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
285414b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
285514b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1BEDEE19D2B5051E320169871E5D75A5E13293CB
285614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
285714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
285814b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04113~31bf3856ad364e35~amd64~~10.0.18362.1440.cat'; file='\Device\HarddiskVolume4\Windows\System32\oleacc.dll'
285914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
286014b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
286114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'user32.dll'.
286214b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleacc.dll) WinVerifyTrust
286314b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleacc.dll
286414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
286514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
286614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
286714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
286814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
286914b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
287014b8.3bc: supR3HardenedDllNotificationCallback: load 00007ffeef3f0000 LB 0x00065000 C:\WINDOWS\system32\Oleacc.dll [fFlags=0x0]
287114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
287214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeef3f0000 'C:\WINDOWS\system32\Oleacc.dll'
287314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20820000 'C:\WINDOWS\System32\OLEAUT32.DLL'
287414b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
287514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
287614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeef3f0000 'C:\WINDOWS\system32\oleacc.dll'
287714b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
287814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
287914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeef3f0000 'C:\Windows\System32\oleacc.dll'
288014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21330000 'C:\WINDOWS\system32\shell32.dll'
288114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21330000 'C:\WINDOWS\system32\shell32.dll'
288214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21ac0000 'C:\WINDOWS\System32\ole32.dll'
288314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20820000 'C:\WINDOWS\System32\OLEAUT32.dll'
288414b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b08 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
288514b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
288614b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
288714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=44E40386AF0D57A42A98A600819DBDC3E308B1D1
288814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
288914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
289014b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll'
289114b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
289214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
289314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
289414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
289514b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
289614b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
289714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
289814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
289914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b1c pwszName=\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
290014b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
290114b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
290214b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D98553F4132CB95DBCBC33DB5F559AF6498E77AE
290314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
290414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
290514b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll'
290614b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
290714b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
290814b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'bcrypt.dll'.
290914b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'.
291014b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll) WinVerifyTrust
291114b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
291214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
291314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
291414b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
291514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
291614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
291714b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
291814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
291914b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
292014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
292114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
292214b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
292314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
292414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
292514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
292614b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
292714b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
292814b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff09810000 LB 0x00090000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [fFlags=0x0]
292914b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
293014b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff08660000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
293114b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
293214b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
293314b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
293414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
293514b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff08660000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
293614b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ae8 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
293714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
293814b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
293914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=93A8F77B2517317B0A1807B79E07F6A7CEFD27B6
294014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
294114b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
294214b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll'
294314b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
294414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
294514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
294614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
294714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
294814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
294914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
295014b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
295114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
295214b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
295314b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
295414b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff08100000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
295514b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
295614b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff08100000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
295714b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
295814b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
295914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-l1-2-0.dll'
296014b8.3bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
296114b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
296214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
296314b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b60 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
296414b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
296514b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
296614b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0708A64F48237CD4D5092546CE9C373F20B30CA1
296714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
296814b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
296914b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll'
297014b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
297114b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
297214b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
297314b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
297414b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
297514b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
297614b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
297714b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
297814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
297914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
298014b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
298114b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
298214b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff081a0000 LB 0x00101000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
298314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
298414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff081a0000 'C:\WINDOWS\system32\wbem\fastprox.dll'
298514b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b30 pwszName=\Device\HarddiskVolume4\Windows\System32\amsi.dll
298614b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
298714b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
298814b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AFE35A9A23BBFDF3E59A314D0CDCF1D4BAE34DC4
298914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
299014b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
299114b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\amsi.dll'
299214b8.3bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
299314b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
299414b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
299514b8.3bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'userenv.dll'.
299614b8.3bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\amsi.dll) WinVerifyTrust
299714b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\amsi.dll
299814b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
299914b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume4\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
300014b8.3bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
300114b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
300214b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
300314b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
300414b8.3bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
300514b8.3bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
300614b8.3bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\amsi.dll
300714b8.3bc: supR3HardenedDllNotificationCallback: load 00007fff069a0000 LB 0x00017000 C:\WINDOWS\System32\amsi.dll [fFlags=0x0]
300814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\amsi.dll
300914b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff069a0000 'C:\WINDOWS\System32\amsi.dll'
301014b8.3bc: \Device\HarddiskVolume4\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll: Owner is not trusted installer (01 06 00 00 00 00 00 05 50 00 00 00 fd 23 61 39 4a 14 d6 5a 8d 32 1f 5a 3a ed 93 7f 6f 0a 0b 78)
301114b8.3bc: supHardenedWinVerifyImageByHandle: -> -5667 (\Device\HarddiskVolume4\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll)
301214b8.3bc: Error (rc=0):
301314b8.3bc: supR3HardenedScreenImage/LdrLoadDll: rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 \Device\HarddiskVolume4\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll: supHardenedWinVerifyImageByHandle: TrustedInstaller is not the owner of '\Device\HarddiskVolume4\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll'.
301414b8.3bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll
301514b8.3bc: Error (rc=0):
301614b8.3bc: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll' (C:\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll): rcNt=0xc0000190
301714b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll'
301814b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status -5667 (0xffffe9dd)) on \Device\HarddiskVolume4\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll [lacks WinVerifyTrust]
301914b8.3bc: Error (rc=0):
302014b8.3bc: supR3HardenedScreenImage/LdrLoadDll: cached rc=Unknown Status -5667 (0xffffe9dd) fImage=1 fProtect=0x0 fAccess=0x0 cHits=1 \Device\HarddiskVolume4\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll
302114b8.3bc: Error (rc=0):
302214b8.3bc: supR3HardenedMonitor_LdrLoadDll: rejecting 'C:\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll' (C:\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll): rcNt=0xc0000190
302314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\SentinelOne\Sentinel Agent 4.6.13.298\SentinelAmsi64.dll'
302414b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20770000 'C:\WINDOWS\System32\ADVAPI32.dll'
302514b8.4e28: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll: Signature #1/2: info status: 24202
302614b8.4e28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
302714b8.4e28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
302814b8.4e28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
302914b8.4e28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
303014b8.4e28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
303114b8.4e28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
303214b8.4e28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
303314b8.4e28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
303414b8.4e28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
303514b8.4e28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
303614b8.4e28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
303714b8.4e28: supR3HardenedDllNotificationCallback: load 00007ffebb7a0000 LB 0x0037e000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
303814b8.4e28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
303914b8.4e28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebb7a0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
304014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
304114b8.304c: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll: Signature #1/2: info status: 24202
304214b8.304c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
304314b8.304c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
304414b8.304c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
304514b8.304c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
304614b8.304c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
304714b8.304c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
304814b8.304c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
304914b8.304c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
305014b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
305114b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
305214b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
305314b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
305414b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
305514b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
305614b8.304c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
305714b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
305814b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
305914b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
306014b8.304c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
306114b8.304c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
306214b8.304c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
306314b8.304c: supR3HardenedDllNotificationCallback: load 00007fff1ae70000 LB 0x00010000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
306414b8.304c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
306514b8.304c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1ae70000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
306614b8.4aec: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll: Signature #1/2: info status: 24202
306714b8.4aec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
306814b8.4aec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
306914b8.4aec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
307014b8.4aec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
307114b8.4aec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
307214b8.4aec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
307314b8.4aec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
307414b8.4aec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
307514b8.4aec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
307614b8.4aec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
307714b8.4aec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
307814b8.4aec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
307914b8.4aec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
308014b8.4aec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
308114b8.4aec: supR3HardenedDllNotificationCallback: load 00007fff15730000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
308214b8.4aec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
308314b8.4aec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff15730000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
308414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21330000 'C:\WINDOWS\system32\Shell32.dll'
308514b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cf0 pwszName=\Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll
308614b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
308714b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
308814b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F44CBC4BAFE3CCCC07F920C1E6C13E8202CB0B4C
308914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
309014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
309114b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.18362.1377.cat'; file='\Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll'
309214b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
309314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vid.dll'.
309414b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll) WinVerifyTrust
309514b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll
309614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vid.dll'...
309714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vid.dll' -> '\Device\HarddiskVolume4\Windows\System32\vid.dll' [rcNtRedir=0xc0150008]
309814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
309914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
310014b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\vid.dll) WinVerifyTrust
310114b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\vid.dll
310214b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\WinHvPlatform.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
310314b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll
310414b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\vid.dll
310514b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff015c0000 LB 0x00019000 C:\WINDOWS\SYSTEM32\vid.dll [fFlags=0x0]
310614b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\vid.dll
310714b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffef0240000 LB 0x00024000 C:\WINDOWS\system32\WinHvPlatform.dll [fFlags=0x0]
310814b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinHvPlatform.dll
310914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffef0240000 'C:\WINDOWS\system32\WinHvPlatform.dll'
311014b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\vid.dll
311114b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\vid.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
311214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff015c0000 'C:\WINDOWS\system32\vid.dll'
311314b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntdll.dll
311414b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\NTDLL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
311514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff22320000 'C:\WINDOWS\system32\NTDLL.DLL'
311614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
311714b8.4a08: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll: Signature #1/2: info status: 24202
311814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
311914b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
312014b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
312114b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
312214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
312314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
312414b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
312514b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
312614b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
312714b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
312814b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
312914b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
313014b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
313114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
313214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
313314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
313414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
313514b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
313614b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
313714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
313814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
313914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
314014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
314114b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
314214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
314314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
314414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
314514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
314614b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
314714b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
314814b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'cfgmgr32.dll'.
314914b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'bcrypt.dll'.
315014b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\setupapi.dll) WinVerifyTrust
315114b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\setupapi.dll
315214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
315314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
315414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
315514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
315614b8.4a08: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll: Signature #1/2: info status: 24202
315714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
315814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
315914b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
316014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
316114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
316214b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
316314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
316414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
316514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
316614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
316714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
316814b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
316914b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
317014b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
317114b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
317214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
317314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
317414b8.4a08: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll: Signature #1/2: info status: 24202
317514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
317614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
317714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
317814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
317914b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
318014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
318114b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
318214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
318314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
318414b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
318514b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
318614b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
318714b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
318814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
318914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
319014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
319114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
319214b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
319314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
319414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
319514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
319614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
319714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
319814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
319914b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
320014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
320114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
320214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
320314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
320414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
320514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
320614b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
320714b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
320814b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
320914b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
321014b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
321114b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff21e60000 LB 0x00470000 C:\WINDOWS\System32\SETUPAPI.dll [fFlags=0x0]
321214b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
321314b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffebf580000 LB 0x00067000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
321414b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
321514b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffeb6750000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
321614b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
321714b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff1e440000 LB 0x0003a000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
321814b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
321914b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffebadb0000 LB 0x009e8000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
322014b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
322114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebadb0000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
322214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
322314b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
322414b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
322514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebbcf0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
322614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
322714b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
322814b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
322914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeb6750000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
323014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
323114b8.43b8: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll: Signature #1/2: info status: 24202
323214b8.43b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
323314b8.43b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
323414b8.43b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
323514b8.43b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
323614b8.43b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
323714b8.43b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
323814b8.43b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
323914b8.43b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
324014b8.43b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
324114b8.43b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
324214b8.43b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
324314b8.43b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
324414b8.43b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
324514b8.43b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
324614b8.43b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
324714b8.43b8: supR3HardenedDllNotificationCallback: load 00007ffeef060000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
324814b8.43b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
324914b8.43b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeef060000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
325014b8.4b54: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll: Signature #1/2: info status: 24202
325114b8.4b54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
325214b8.4b54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
325314b8.4b54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
325414b8.4b54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
325514b8.4b54: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
325614b8.4b54: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
325714b8.4b54: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
325814b8.4b54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
325914b8.4b54: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
326014b8.4b54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
326114b8.4b54: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
326214b8.4b54: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
326314b8.4b54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
326414b8.4b54: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
326514b8.4b54: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
326614b8.4b54: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
326714b8.4b54: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
326814b8.4b54: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
326914b8.4b54: supR3HardenedDllNotificationCallback: load 00007fff15720000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
327014b8.4b54: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
327114b8.4b54: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff15720000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
327214b8.41f0: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll: Signature #1/2: info status: 24202
327314b8.41f0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
327414b8.41f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
327514b8.41f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
327614b8.41f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
327714b8.41f0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
327814b8.41f0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
327914b8.41f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
328014b8.41f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
328114b8.41f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
328214b8.41f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
328314b8.41f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
328414b8.41f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
328514b8.41f0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
328614b8.41f0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
328714b8.41f0: supR3HardenedDllNotificationCallback: load 00007fff0caa0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
328814b8.41f0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
328914b8.41f0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0caa0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
329014b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
329114b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
329214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e440000 'C:\WINDOWS\system32\Iphlpapi.dll'
329314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
329414b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
329514b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winnsi.dll)
329614b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winnsi.dll
329714b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff20a70000 LB 0x00008000 C:\WINDOWS\System32\NSI.dll [fFlags=0x0]
329814b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\nsi.dll)
329914b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\nsi.dll
330014b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff150f0000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\WINNSI.DLL [fFlags=0x0]
330114b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
330214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
330314b8.4a08: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll)
330414b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll
330514b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff142f0000 LB 0x00016000 C:\WINDOWS\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
330614b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
330714b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
330814b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
330914b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
331014b8.4a08: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll)
331114b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll
331214b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff14930000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
331314b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
331414b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ws2_32.dll'.
331514b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'nsi.dll'.
331614b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dnsapi.dll)
331714b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dnsapi.dll
331814b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff1e490000 LB 0x000cb000 C:\WINDOWS\SYSTEM32\DNSAPI.dll [fFlags=0x0]
331914b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dnsapi.dll [avoiding WinVerifyTrust]
332014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
332114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
332214b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
332314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
332414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
332514b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
332614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
332714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
332814b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
332914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
333014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
333114b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
333214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
333314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
333414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
333514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
333614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
333714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
333814b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
333914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
334014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
334114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
334214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
334314b8.4a08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dnsapi.dll'
334414b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001004 pwszName=\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll
334514b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
334614b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
334714b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1DCF393E857906A5D8EE3B77BAFBC689F3C62587
334814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
334914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
335014b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll'
335114b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
335214b8.4a08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll'
335314b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ff8 pwszName=\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll
335414b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
335514b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
335614b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=660345FF413C91A981DE3625BA8520D06115250B
335714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
335814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
335914b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll'
336014b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
336114b8.4a08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll'
336214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
336314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
336414b8.4a08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\nsi.dll'
336514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
336614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
336714b8.4a08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\winnsi.dll'
336814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
336914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
337014b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
337114b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
337214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'.
337314b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll) WinVerifyTrust
337414b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
337514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
337614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
337714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
337814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
337914b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
338014b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll) WinVerifyTrust
338114b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll
338214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
338314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
338414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
338514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
338614b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
338714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
338814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
338914b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
339014b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
339114b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
339214b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll
339314b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff1efb0000 LB 0x0002a000 C:\WINDOWS\System32\DEVOBJ.dll [fFlags=0x0]
339414b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll
339514b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff11000000 LB 0x00072000 C:\WINDOWS\System32\MMDevApi.dll [fFlags=0x0]
339614b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
339714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff11000000 'C:\WINDOWS\System32\MMDevApi.dll'
339814b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001118 pwszName=\Device\HarddiskVolume4\Windows\System32\dsound.dll
339914b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
340014b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
340114b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8184043CF3F3DF1E3CF96E74DBBF7D0836417373
340214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
340314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
340414b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.1377.cat'; file='\Device\HarddiskVolume4\Windows\System32\dsound.dll'
340514b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
340614b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
340714b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'winmm.dll'.
340814b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dsound.dll) WinVerifyTrust
340914b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dsound.dll
341014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
341114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
341214b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
341314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
341414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
341514b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
341614b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
341714b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffebf040000 LB 0x00099000 C:\WINDOWS\System32\dsound.dll [fFlags=0x0]
341814b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
341914b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
342014b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
342114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebf040000 'C:\WINDOWS\System32\dsound.dll'
342214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebf040000 'C:\WINDOWS\System32\dsound.dll'
342314b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
342414b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
342514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebf040000 'C:\WINDOWS\system32\dsound.dll'
342614b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
342714b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
342814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff11000000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
342914b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
343014b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
343114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
343214b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000010dc pwszName=\Device\HarddiskVolume4\Windows\System32\wdmaud.drv
343314b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
343414b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
343514b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=38EA8D6D625C6A0A9075DAE17FD33652FF8FC23A
343614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
343714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
343814b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.1377.cat'; file='\Device\HarddiskVolume4\Windows\System32\wdmaud.drv'
343914b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
344014b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
344114b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
344214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'ksuser.dll'.
344314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'avrt.dll'.
344414b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv) WinVerifyTrust
344514b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
344614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
344714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
344814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
344914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
345014b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll) WinVerifyTrust
345114b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll
345214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
345314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
345414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
345514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
345614b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
345714b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll) WinVerifyTrust
345814b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll
345914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
346014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
346114b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
346214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
346314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
346414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
346514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
346614b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
346714b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
346814b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
346914b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll
347014b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
347114b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff143a0000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
347214b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll
347314b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff1a510000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
347414b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
347514b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffeefd80000 LB 0x00044000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
347614b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
347714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeefd80000 'C:\WINDOWS\System32\wdmaud.drv'
347814b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
347914b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
348014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeefd80000 'C:\WINDOWS\System32\wdmaud.drv'
348114b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
348214b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
348314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeefd80000 'C:\WINDOWS\System32\wdmaud.drv'
348414b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
348514b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
348614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeefd80000 'C:\WINDOWS\System32\wdmaud.drv'
348714b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
348814b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
348914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffeefd80000 'C:\WINDOWS\System32\wdmaud.drv'
349014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
349114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
349214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
349314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
349414b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
349514b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'.
349614b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll) WinVerifyTrust
349714b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
349814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
349914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
350014b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
350114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
350214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
350314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
350414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
350514b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
350614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
350714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
350814b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
350914b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
351014b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
351114b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff11080000 LB 0x0015f000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
351214b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
351314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff11080000 'C:\WINDOWS\System32\AUDIOSES.DLL'
351414b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001008 pwszName=\Device\HarddiskVolume4\Windows\System32\msacm32.drv
351514b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
351614b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
351714b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=763C5E89A8DA653902990733D245B99CC7C40BEA
351814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
351914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
352014b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.1377.cat'; file='\Device\HarddiskVolume4\Windows\System32\msacm32.drv'
352114b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
352214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
352314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
352414b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
352514b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmmbase.dll'.
352614b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv) WinVerifyTrust
352714b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv
352814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
352914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
353014b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
353114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
353214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
353314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
353414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
353514b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
353614b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll) WinVerifyTrust
353714b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll
353814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
353914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
354014b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
354114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
354214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
354314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
354414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
354514b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
354614b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
354714b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
354814b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffeff7a0000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
354914b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
355014b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff05a10000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
355114b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
355214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
355314b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
355414b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
355514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
355614b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
355714b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
355814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
355914b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
356014b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
356114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
356214b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
356314b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
356414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
356514b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
356614b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
356714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
356814b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
356914b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
357014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
357114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
357214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
357314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a10000 'C:\WINDOWS\System32\msacm32.drv'
357414b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001130 pwszName=\Device\HarddiskVolume4\Windows\System32\midimap.dll
357514b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
357614b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
357714b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB34EC166C3F780657AB67E557E6C2E60C398D10
357814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
357914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
358014b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.1377.cat'; file='\Device\HarddiskVolume4\Windows\System32\midimap.dll'
358114b8.4a08: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
358214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
358314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'.
358414b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\midimap.dll) WinVerifyTrust
358514b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll
358614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
358714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
358814b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
358914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
359014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
359114b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
359214b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
359314b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff05a00000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
359414b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
359514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a00000 'C:\WINDOWS\System32\midimap.dll'
359614b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
359714b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
359814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a00000 'C:\WINDOWS\System32\midimap.dll'
359914b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
360014b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
360114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a00000 'C:\WINDOWS\System32\midimap.dll'
360214b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
360314b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
360414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff05a00000 'C:\WINDOWS\System32\midimap.dll'
360514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
360614b8.3a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
360714b8.3a88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
360814b8.3a88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ResourcePolicyClient.dll)
360914b8.3a88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ResourcePolicyClient.dll
361014b8.3a88: supR3HardenedDllNotificationCallback: load 00007fff1caa0000 LB 0x00014000 C:\WINDOWS\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
361114b8.3a88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
361214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
361314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
361414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
361514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
361614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
361714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
361814b8.4a08: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ResourcePolicyClient.dll'
361914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
362014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
362114b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
362214b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
362314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebf040000 'C:\WINDOWS\system32\dsound.dll'
362414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
362514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
362614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
362714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
362814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
362914b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
363014b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
363114b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
363214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
363314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'dwmapi.dll'.
363414b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d9.dll) WinVerifyTrust
363514b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d9.dll
363614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
363714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
363814b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
363914b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
364014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
364114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
364214b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
364314b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'win32u.dll'.
364414b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'user32.dll'.
364514b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'gdi32.dll'.
364614b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll) WinVerifyTrust
364714b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
364814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
364914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
365014b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
365114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
365214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
365314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
365414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
365514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
365614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
365714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
365814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
365914b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
366014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
366114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
366214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
366314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
366414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
366514b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
366614b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
366714b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
366814b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff1c9c0000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\dwmapi.dll [fFlags=0x0]
366914b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
367014b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffefbf40000 LB 0x001c7000 C:\WINDOWS\system32\d3d9.dll [fFlags=0x0]
367114b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
367214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
367314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
367414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
367514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
367614b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
367714b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
367814b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
367914b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll) WinVerifyTrust
368014b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
368114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
368214b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
368314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
368414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
368514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
368614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
368714b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
368814b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
368914b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffefb030000 LB 0x00165000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll [fFlags=0x0]
369014b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
369114b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
369214b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
369314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
369414b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
369514b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
369614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-l1-2-1'
369714b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
369814b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
369914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
370014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
370114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
370214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
370314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
370414b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
370514b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
370614b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
370714b8.4a08: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
370814b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll) WinVerifyTrust
370914b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
371014b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
371114b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
371214b8.4a08: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
371314b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
371414b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
371514b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
371614b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
371714b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
371814b8.4a08: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
371914b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
372014b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
372114b8.4a08: supR3HardenedDllNotificationCallback: load 00007ffed1250000 LB 0x049be000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll [fFlags=0x0]
372214b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
372314b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
372414b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
372514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
372614b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
372714b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
372814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-l1-2-1'
372914b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
373014b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
373114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
373214b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
373314b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
373414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-string-l1-1-0'
373514b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
373614b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
373714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-datetime-l1-1-1'
373814b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
373914b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
374014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-obsolete-l1-2-0'
374114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
374214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
374314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
374414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
374514b8.4a08: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll) WinVerifyTrust
374614b8.4a08: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
374714b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
374814b8.4a08: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
374914b8.4a08: supR3HardenedDllNotificationCallback: load 00007fff10940000 LB 0x00330000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll [fFlags=0x0]
375014b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
375114b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
375214b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
375314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
375414b8.4a08: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
375514b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
375614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-l1-2-1'
375714b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
375814b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
375914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
376014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
376114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff20a40000 'C:\WINDOWS\System32\gdi32.dll'
376214b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21330000 'C:\WINDOWS\system32\shell32.dll'
376314b8.3bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21330000 'C:\WINDOWS\system32\shell32.dll'
376414b8.2658: '\Device\HarddiskVolume4\Windows\System32\tzres.dll' has no imports
376514b8.2658: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\tzres.dll)
376614b8.2658: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\tzres.dll
376714b8.2658: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001310 (hFile=00000000000013cc) with 0xc0000022 -> STATUS_TRUST_FAILURE
376814b8.2658: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\tzres.dll [avoiding WinVerifyTrust]
376914b8.2658: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000013cc (hFile=0000000000001310) with 0xc0000022 -> STATUS_TRUST_FAILURE
377014b8.2658: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000bd0 pwszName=\Device\HarddiskVolume4\Windows\System32\tzres.dll
377114b8.2658: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000016ab960
377214b8.2658: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000016ab960
377314b8.2658: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4A827CE12E0CBC1DE2F07864E114ED20D6941776
377414b8.2658: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
377514b8.2658: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
377614b8.2658: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.1441.cat'; file='\Device\HarddiskVolume4\Windows\System32\tzres.dll'
377714b8.2658: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
377814b8.2658: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\tzres.dll'
377914b8.2658: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
378014b8.2658: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
378114b8.2658: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ws2_32.dll'.
378214b8.2658: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
378314b8.2658: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mswsock.dll) WinVerifyTrust
378414b8.2658: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mswsock.dll
378514b8.2658: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
378614b8.2658: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
378714b8.2658: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
378814b8.2658: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
378914b8.2658: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
379014b8.2658: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
379114b8.2658: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mswsock.dll
379214b8.2658: supR3HardenedDllNotificationCallback: load 00007fff1e720000 LB 0x00067000 C:\WINDOWS\system32\mswsock.dll [fFlags=0x0]
379314b8.2658: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mswsock.dll
379414b8.2658: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e720000 'C:\WINDOWS\system32\mswsock.dll'
379514b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
379614b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
379714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
379814b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
379914b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
380014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
380114b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
380214b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
380314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
380414b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-core-resourcepolicy-l1-1-0.dll) -> 0x0, fPresent=1
380514b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-core-resourcepolicy-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
380614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1caa0000 'ext-ms-win-core-resourcepolicy-l1-1-0.dll'
380714b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
380814b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
380914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
381014b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
381114b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
381214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
381314b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
381414b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
381514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
381614b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
381714b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
381814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
381914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
382014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
382114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
382214b8.4604: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
382314b8.4604: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdinfo64.dll) WinVerifyTrust
382414b8.4604: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdinfo64.dll
382514b8.4604: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
382614b8.4604: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
382714b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdinfo64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
382814b8.4604: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdinfo64.dll
382914b8.4604: supR3HardenedDllNotificationCallback: load 00007fff01060000 LB 0x00027000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdinfo64.dll [fFlags=0x0]
383014b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdinfo64.dll
383114b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
383214b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
383314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
383414b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
383514b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
383614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-l1-2-1'
383714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
383814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff01060000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdinfo64.dll'
383914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
384014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
384114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
384214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
384314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
384414b8.4604: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
384514b8.4604: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
384614b8.4604: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
384714b8.4604: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll) WinVerifyTrust
384814b8.4604: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
384914b8.4604: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
385014b8.4604: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
385114b8.4604: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
385214b8.4604: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
385314b8.4604: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
385414b8.4604: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
385514b8.4604: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
385614b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
385714b8.4604: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
385814b8.4604: supR3HardenedDllNotificationCallback: load 00007fff0d880000 LB 0x02bb3000 C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll [fFlags=0x0]
385914b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
386014b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
386114b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
386214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-synch-l1-2-0'
386314b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
386414b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
386514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-l1-2-1'
386614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'C:\WINDOWS\System32\kernel32.dll'
386714b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
386814b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
386914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-string-l1-1-0'
387014b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
387114b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
387214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-datetime-l1-1-1'
387314b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
387414b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
387514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1fe30000 'api-ms-win-core-localization-obsolete-l1-2-0'
387614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
387714b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
387814b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
387914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
388014b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
388114b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
388214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
388314b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
388414b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
388514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
388614b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
388714b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
388814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
388914b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
389014b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
389114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
389214b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
389314b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
389414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
389514b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
389614b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
389714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
389814b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
389914b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
390014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
390114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
390214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
390314b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
390414b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
390514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
390614b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
390714b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
390814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
390914b8.304c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff203d0000 'C:\WINDOWS\system32\User32.dll'
391014b8.3d5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
391114b8.3d5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
391214b8.3d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebf040000 'C:\WINDOWS\system32\dsound.dll'
391314b8.3d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
391414b8.3d5c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
391514b8.3d5c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
391614b8.3d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
391714b8.3d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
391814b8.3d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
391914b8.3d5c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
392014b8.4a08: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
392114b8.4a08: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
392214b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffebf040000 'C:\WINDOWS\system32\dsound.dll'
392314b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
392414b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
392514b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
392614b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
392714b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
392814b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
392914b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
393014b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
393114b8.4a08: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1c690000 'C:\WINDOWS\System32\winmm.dll'
393214b8.20bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
393314b8.20bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
393414b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
393514b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
393614b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'combase.dll'.
393714b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shcore.dll'.
393814b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'textinputframework.dll'.
393914b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'inputhost.dll'.
394014b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
394114b8.20bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\Windows.UI.dll) WinVerifyTrust
394214b8.20bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
394314b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
394414b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
394514b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'inputhost.dll'...
394614b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'inputhost.dll' -> '\Device\HarddiskVolume4\Windows\System32\inputhost.dll' [rcNtRedir=0xc0150008]
394714b8.20bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
394814b8.20bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
394914b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
395014b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'coremessaging.dll'.
395114b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'coreuicomponents.dll'.
395214b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'propsys.dll'.
395314b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'shcore.dll'.
395414b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'win32u.dll'.
395514b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'combase.dll'.
395614b8.20bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\InputHost.dll) WinVerifyTrust
395714b8.20bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\InputHost.dll
395814b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'textinputframework.dll'...
395914b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'textinputframework.dll' -> '\Device\HarddiskVolume4\Windows\System32\textinputframework.dll' [rcNtRedir=0xc0150008]
396014b8.20bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
396114b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
396214b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
396314b8.20bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
396414b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
396514b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
396614b8.20bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
396714b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
396814b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
396914b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
397014b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
397114b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
397214b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
397314b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
397414b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
397514b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
397614b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
397714b8.20bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
397814b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
397914b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume4\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
398014b8.20bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
398114b8.20bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1f3c0000 'C:\WINDOWS\System32\crypt32.dll'
398214b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'oleaut32.dll'.
398314b8.20bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'rpcrt4.dll'.
398414b8.20bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll) WinVerifyTrust
398514b8.20bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\propsys.dll
398614b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
398714b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
398814b8.20bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
398914b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
399014b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
399114b8.20bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
399214b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
399314b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
399414b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
399514b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
399614b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
399714b8.20bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
399814b8.20bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\Windows.UI.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
399914b8.20bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
400014b8.20bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\InputHost.dll
400114b8.20bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll
400214b8.20bc: supR3HardenedDllNotificationCallback: load 00007fff1d090000 LB 0x000f0000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
400314b8.20bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll
400414b8.20bc: supR3HardenedDllNotificationCallback: load 00007fff0bac0000 LB 0x0011c000 C:\Windows\System32\InputHost.dll [fFlags=0x0]
400514b8.20bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\InputHost.dll
400614b8.20bc: supR3HardenedDllNotificationCallback: load 00007fff0bc80000 LB 0x00149000 C:\Windows\System32\Windows.UI.dll [fFlags=0x0]
400714b8.20bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
400814b8.20bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0bc80000 'C:\Windows\System32\Windows.UI.dll'
400914b8.4f14: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
401014b8.4f14: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\avrt.dll (Input=avrt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
401114b8.4f14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1a510000 'C:\WINDOWS\System32\avrt.dll'
401214b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
401314b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
401414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
401514b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
401614b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
401714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
401814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
401914b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
402014b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
402114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
402214b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
402314b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
402414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
402514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
402614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
402714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
402814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
402914b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
403014b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
403114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
403214b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
403314b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
403414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
403514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
403614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
403714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
403814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
403914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
404014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
404114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
404214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
404314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
404414b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
404514b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
404614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
404714b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
404814b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
404914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
405014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
405114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
405214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
405314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
405414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
405514b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
405614b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
405714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
405814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
405914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
406014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
406114b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
406214b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
406314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
406414b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
406514b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
406614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
406714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
406814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
406914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
407014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
407114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
407214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
407314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
407414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
407514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
407614b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
407714b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
407814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
407914b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
408014b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
408114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
408214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
408314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
408414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
408514b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
408614b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
408714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
408814b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
408914b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
409014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
409114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
409214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
409314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
409414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
409514b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
409614b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
409714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
409814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
409914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
410014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
410114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
410214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
410314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
410414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
410514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
410614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
410714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
410814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
410914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
411014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
411114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
411214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
411314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
411414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
411514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
411614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
411714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
411814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
411914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
412014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
412114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
412214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
412314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
412414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
412514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
412614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
412714b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll
412814b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
412914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
413014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
413114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
413214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
413314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
413414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
413514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
413614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
413714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
413814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
413914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
414014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
414114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
414214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
414314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
414414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
414514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
414614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
414714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
414814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
414914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
415014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
415114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
415214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
415314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
415414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
415514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
415614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
415714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
415814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
415914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
416014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
416114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
416214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
416314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
416414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
416514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
416614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
416714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
416814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
416914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
417014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
417114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
417214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
417314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
417414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
417514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
417614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
417714b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d9.dll
417814b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
417914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
418014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
418114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
418214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
418314b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll
418414b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
418514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
418614b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll
418714b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
418814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
418914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
419014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
419114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
419214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
419314b8.4604: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll
419414b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
419514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
419614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
419714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
419814b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
419914b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
420014b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefb030000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdumdim64.dll'
420114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffed1250000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igd9dxva64.dll'
420214b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
420314b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff10940000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igdgmm64.dll'
420414b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
420514b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff1e2b0000 'C:\WINDOWS\system32\rsaenh.dll'
420614b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff0d880000 'C:\WINDOWS\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_87079a2c2326a956\igc64.dll'
420714b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffefbf40000 'C:\WINDOWS\system32\d3d9.dll'
420814b8.4604: KiUserExceptionDispatcher: 0xc0000005 (0000000000000000, 0000000000000040) @ 00007ffefb084bef (flags=0x0)
4209 rax=0000000000000000 rbx=00000000b7e460b0 rcx=0000000089fe93a0 rdx=00000000b7e467a0
4210 rsi=0000000000000000 rdi=00000000b7e460b0 r8 =0000000000000000 r9 =0000000000000001
4211 r10=0000000000000010 r11=0000000000000000 r12=00000000b7e460b0 r13=00000000b7e460b0
4212 r14=0000000000000000 r15=00000000b7e460b0 P1=0000000000000000 P2=0000000000000000
4213 rip=00007ffefb084bef rsp=000000001616e278 rbp=0000000000000000 ctxflags=0010005f
4214 cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b eflags=00010246 mxcrx=00001fa5
4215 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
4216 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
4217 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000200 dcr=0000020000000000
4218 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
421914b8.4604: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-kernel32-errorhandling-l1-1-0.dll) -> 0x0, fPresent=1
422014b8.4604: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-kernel32-errorhandling-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
422114b8.4604: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff21da0000 'ext-ms-win-kernel32-errorhandling-l1-1-0.dll'
42224c54.2d10: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 52448 ms, the end);
42234e58.30b4: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 53136 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy