VirtualBox

Ticket #19215: VBoxHardening.log

File VBoxHardening.log, 492.0 KB (added by Aquis7, 5 years ago)

VBox Hardening

Line 
147f4.33e0: Log file opened: 6.1.0r135406 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047bb00
247f4.33e0: \SystemRoot\System32\ntdll.dll:
347f4.33e0: CreationTime: 2019-10-07T02:56:35.364321800Z
447f4.33e0: LastWriteTime: 2019-10-07T02:56:35.396310100Z
547f4.33e0: ChangeTime: 2019-12-26T04:46:09.958629900Z
647f4.33e0: FileAttributes: 0x20
747f4.33e0: Size: 0x1e8528
847f4.33e0: NT Headers: 0xd8
947f4.33e0: Timestamp: 0x99ca0526
1047f4.33e0: Machine: 0x8664 - amd64
1147f4.33e0: Timestamp: 0x99ca0526
1247f4.33e0: Image Version: 10.0
1347f4.33e0: SizeOfImage: 0x1f0000 (2031616)
1447f4.33e0: Resource Dir: 0x17f000 LB 0x6f310
1547f4.33e0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1647f4.33e0: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1747f4.33e0: ProductName: Microsoft® Windows® Operating System
1847f4.33e0: ProductVersion: 10.0.18362.418
1947f4.33e0: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
2047f4.33e0: FileDescription: NT Layer DLL
2147f4.33e0: \SystemRoot\System32\kernel32.dll:
2247f4.33e0: CreationTime: 2019-10-07T02:56:13.442518200Z
2347f4.33e0: LastWriteTime: 2019-10-07T02:56:13.442518200Z
2447f4.33e0: ChangeTime: 2019-12-26T04:46:09.821002000Z
2547f4.33e0: FileAttributes: 0x20
2647f4.33e0: Size: 0xb0570
2747f4.33e0: NT Headers: 0xe8
2847f4.33e0: Timestamp: 0xd0cecc10
2947f4.33e0: Machine: 0x8664 - amd64
3047f4.33e0: Timestamp: 0xd0cecc10
3147f4.33e0: Image Version: 10.0
3247f4.33e0: SizeOfImage: 0xb2000 (729088)
3347f4.33e0: Resource Dir: 0xb0000 LB 0x520
3447f4.33e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3547f4.33e0: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3647f4.33e0: ProductName: Microsoft® Windows® Operating System
3747f4.33e0: ProductVersion: 10.0.18362.329
3847f4.33e0: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
3947f4.33e0: FileDescription: Windows NT BASE API Client DLL
4047f4.33e0: \SystemRoot\System32\KernelBase.dll:
4147f4.33e0: CreationTime: 2019-12-26T04:45:38.591012300Z
4247f4.33e0: LastWriteTime: 2019-12-26T04:45:38.645894200Z
4347f4.33e0: ChangeTime: 2019-12-26T21:24:08.108582900Z
4447f4.33e0: FileAttributes: 0x20
4547f4.33e0: Size: 0x2a2638
4647f4.33e0: NT Headers: 0xf0
4747f4.33e0: Timestamp: 0x50cc8d5a
4847f4.33e0: Machine: 0x8664 - amd64
4947f4.33e0: Timestamp: 0x50cc8d5a
5047f4.33e0: Image Version: 10.0
5147f4.33e0: SizeOfImage: 0x2a3000 (2764800)
5247f4.33e0: Resource Dir: 0x27d000 LB 0x548
5347f4.33e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5447f4.33e0: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5547f4.33e0: ProductName: Microsoft® Windows® Operating System
5647f4.33e0: ProductVersion: 10.0.18362.535
5747f4.33e0: FileVersion: 10.0.18362.535 (WinBuild.160101.0800)
5847f4.33e0: FileDescription: Windows NT BASE API Client DLL
5947f4.33e0: \SystemRoot\System32\apisetschema.dll:
6047f4.33e0: CreationTime: 2019-03-19T04:43:54.837151500Z
6147f4.33e0: LastWriteTime: 2019-03-19T04:43:54.837151500Z
6247f4.33e0: ChangeTime: 2019-12-26T04:46:09.813023200Z
6347f4.33e0: FileAttributes: 0x20
6447f4.33e0: Size: 0x1d028
6547f4.33e0: NT Headers: 0xc8
6647f4.33e0: Timestamp: 0xd6ced080
6747f4.33e0: Machine: 0x8664 - amd64
6847f4.33e0: Timestamp: 0xd6ced080
6947f4.33e0: Image Version: 10.0
7047f4.33e0: SizeOfImage: 0x1e000 (122880)
7147f4.33e0: Resource Dir: 0x1d000 LB 0x408
7247f4.33e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7347f4.33e0: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
7447f4.33e0: ProductName: Microsoft® Windows® Operating System
7547f4.33e0: ProductVersion: 10.0.18362.1
7647f4.33e0: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
7747f4.33e0: FileDescription: ApiSet Schema DLL
7847f4.33e0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7947f4.33e0: supR3HardenedWinFindAdversaries: 0x0
8047f4.33e0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
8147f4.33e0: Calling main()
8247f4.33e0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
8347f4.33e0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
8447f4.33e0: SUPR3HardenedMain: Respawn #1
8547f4.33e0: System32: \Device\HarddiskVolume4\Windows\System32
8647f4.33e0: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
8747f4.33e0: KnownDllPath: C:\WINDOWS\System32
8847f4.33e0: supR3HardenedWinInit: Performing a limited self purification...
8947f4.33e0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
9047f4.33e0: *0000000000000000-0000000000a9ffff 0x0001/0x0000 0x0000000
9147f4.33e0: *0000000000aa0000-0000000000aaffff 0x0004/0x0004 0x0040000
9247f4.33e0: 0000000000ab0000-0000000000abffff 0x0001/0x0000 0x0000000
9347f4.33e0: *0000000000ac0000-0000000000adafff 0x0002/0x0002 0x0040000
9447f4.33e0: 0000000000adb000-0000000000adffff 0x0001/0x0000 0x0000000
9547f4.33e0: *0000000000ae0000-0000000000b98fff 0x0000/0x0004 0x0020000
9647f4.33e0: 0000000000b99000-0000000000b9bfff 0x0104/0x0004 0x0020000
9747f4.33e0: 0000000000b9c000-0000000000bdffff 0x0004/0x0004 0x0020000
9847f4.33e0: *0000000000be0000-0000000000be3fff 0x0002/0x0002 0x0040000
9947f4.33e0: 0000000000be4000-0000000000beffff 0x0001/0x0000 0x0000000
10047f4.33e0: *0000000000bf0000-0000000000bf1fff 0x0004/0x0004 0x0020000
10147f4.33e0: 0000000000bf2000-0000000000bfffff 0x0001/0x0000 0x0000000
10247f4.33e0: *0000000000c00000-0000000000d1afff 0x0000/0x0004 0x0020000
10347f4.33e0: 0000000000d1b000-0000000000d1dfff 0x0004/0x0004 0x0020000
10447f4.33e0: 0000000000d1e000-0000000000dfffff 0x0000/0x0004 0x0020000
10547f4.33e0: 0000000000e00000-0000000000e0ffff 0x0001/0x0000 0x0000000
10647f4.33e0: *0000000000e10000-0000000000e15fff 0x0004/0x0004 0x0020000
10747f4.33e0: 0000000000e16000-0000000000f0ffff 0x0000/0x0004 0x0020000
10847f4.33e0: *0000000000f10000-0000000000fd6fff 0x0002/0x0002 0x0040000
10947f4.33e0: 0000000000fd7000-0000000000fdffff 0x0001/0x0000 0x0000000
11047f4.33e0: *0000000000fe0000-0000000000fe1fff 0x0004/0x0004 0x0020000
11147f4.33e0: 0000000000fe2000-0000000001011fff 0x0000/0x0004 0x0020000
11247f4.33e0: 0000000001012000-00000000010bffff 0x0001/0x0000 0x0000000
11347f4.33e0: *00000000010c0000-00000000010cefff 0x0004/0x0004 0x0020000
11447f4.33e0: 00000000010cf000-00000000010cffff 0x0000/0x0004 0x0020000
11547f4.33e0: *00000000010d0000-00000000010d4fff 0x0000/0x0004 0x0020000
11647f4.33e0: 00000000010d5000-00000000012c5fff 0x0004/0x0004 0x0020000
11747f4.33e0: 00000000012c6000-00000000012c6fff 0x0000/0x0004 0x0020000
11847f4.33e0: 00000000012c7000-00000000012cffff 0x0001/0x0000 0x0000000
11947f4.33e0: *00000000012d0000-00000000012ecfff 0x0004/0x0004 0x0020000
12047f4.33e0: 00000000012ed000-00000000013cffff 0x0000/0x0004 0x0020000
12147f4.33e0: 00000000013d0000-000000007ffdffff 0x0001/0x0000 0x0000000
12247f4.33e0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
12347f4.33e0: 000000007ffe1000-000000007ffebfff 0x0001/0x0000 0x0000000
12447f4.33e0: *000000007ffec000-000000007ffecfff 0x0002/0x0002 0x0020000
12547f4.33e0: 000000007ffed000-00007ff4fa51ffff 0x0001/0x0000 0x0000000
12647f4.33e0: *00007ff4fa520000-00007ff4fa524fff 0x0002/0x0002 0x0040000
12747f4.33e0: 00007ff4fa525000-00007ff4fa61ffff 0x0000/0x0002 0x0040000
12847f4.33e0: *00007ff4fa620000-00007ff5fa63ffff 0x0000/0x0004 0x0020000
12947f4.33e0: *00007ff5fa640000-00007ff5fc63ffff 0x0000/0x0004 0x0020000
13047f4.33e0: 00007ff5fc640000-00007ff5fc640fff 0x0004/0x0004 0x0020000
13147f4.33e0: 00007ff5fc641000-00007ff5fc64ffff 0x0001/0x0000 0x0000000
13247f4.33e0: *00007ff5fc650000-00007ff5fc650fff 0x0002/0x0002 0x0040000
13347f4.33e0: 00007ff5fc651000-00007ff5fc65ffff 0x0001/0x0000 0x0000000
13447f4.33e0: *00007ff5fc660000-00007ff5fc682fff 0x0002/0x0002 0x0040000
13547f4.33e0: 00007ff5fc683000-00007ff6bfb3ffff 0x0001/0x0000 0x0000000
13647f4.33e0: *00007ff6bfb40000-00007ff6bfb40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13747f4.33e0: 00007ff6bfb41000-00007ff6bfbb6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13847f4.33e0: 00007ff6bfbb7000-00007ff6bfbb7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13947f4.33e0: 00007ff6bfbb8000-00007ff6bfbfffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14047f4.33e0: 00007ff6bfc00000-00007ff6bfc02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14147f4.33e0: 00007ff6bfc03000-00007ff6bfc05fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14247f4.33e0: 00007ff6bfc06000-00007ff6bfc08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14347f4.33e0: 00007ff6bfc09000-00007ff6bfc09fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14447f4.33e0: 00007ff6bfc0a000-00007ff6bfc0bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14547f4.33e0: 00007ff6bfc0c000-00007ff6bfc0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14647f4.33e0: 00007ff6bfc0d000-00007ff6bfc55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14747f4.33e0: 00007ff6bfc56000-00007ffd7a5dffff 0x0001/0x0000 0x0000000
14847f4.33e0: *00007ffd7a5e0000-00007ffd7a5e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
14947f4.33e0: 00007ffd7a5e1000-00007ffd7a6e5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
15047f4.33e0: 00007ffd7a6e6000-00007ffd7a847fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
15147f4.33e0: 00007ffd7a848000-00007ffd7a84bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
15247f4.33e0: 00007ffd7a84c000-00007ffd7a84cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
15347f4.33e0: 00007ffd7a84d000-00007ffd7a882fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
15447f4.33e0: 00007ffd7a883000-00007ffd7bdfffff 0x0001/0x0000 0x0000000
15547f4.33e0: *00007ffd7be00000-00007ffd7be00fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
15647f4.33e0: 00007ffd7be01000-00007ffd7be75fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
15747f4.33e0: 00007ffd7be76000-00007ffd7bea7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
15847f4.33e0: 00007ffd7bea8000-00007ffd7bea8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
15947f4.33e0: 00007ffd7bea9000-00007ffd7bea9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
16047f4.33e0: 00007ffd7beaa000-00007ffd7beb1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
16147f4.33e0: 00007ffd7beb2000-00007ffd7d39ffff 0x0001/0x0000 0x0000000
16247f4.33e0: *00007ffd7d3a0000-00007ffd7d3a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
16347f4.33e0: 00007ffd7d3a1000-00007ffd7d4b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
16447f4.33e0: 00007ffd7d4b8000-00007ffd7d4fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
16547f4.33e0: 00007ffd7d4ff000-00007ffd7d4fffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
16647f4.33e0: 00007ffd7d500000-00007ffd7d501fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
16747f4.33e0: 00007ffd7d502000-00007ffd7d50afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
16847f4.33e0: 00007ffd7d50b000-00007ffd7d58ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
16947f4.33e0: 00007ffd7d590000-00007ffffffeffff 0x0001/0x0000 0x0000000
17047f4.33e0: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
17147f4.33e0: kernelbase.dll: timestamp 0x50cc8d5a (rc=VINF_SUCCESS)
17247f4.33e0: VirtualBoxVM.exe: timestamp 0x5defad4f (rc=VINF_SUCCESS)
17347f4.33e0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
17447f4.33e0: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
17547f4.33e0: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
17647f4.33e0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
17747f4.33e0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
17847f4.33e0: supR3HardNtEnableThreadCreationEx:
17947f4.33e0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd7d4117f0 pvNtTerminateThread=00007ffd7d43cb10
18047f4.33e0: supR3HardenedWinDoReSpawn(1): New child 207c.2dcc [kernel32].
18147f4.33e0: supR3HardNtChildGatherData: PebBaseAddress=0000000000296000 cbPeb=0x388
18247f4.33e0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd7d3a0000 uNtDllChildAddr=00007ffd7d3a0000
18347f4.33e0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd7d4117f0
18447f4.33e0: supR3HardenedWinSetupChildInit: Initial context:
185 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6bfb47900 rdx=0000000000296000
186 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
187 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
188 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
189 rip=00007ffd7d40ceb0 rsp=000000000015fc08 rbp=0000000000000000 ctxflags=0010001b
190 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
191 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
192 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
193 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
194 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
19547f4.33e0: supR3HardenedWinSetupChildInit: Start child.
19647f4.33e0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
19747f4.33e0: supR3HardNtChildPurify: Startup delay kludge #1/0: 257 ms, 29 sleeps
19847f4.33e0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
19947f4.33e0: *0000000000000000-000000000001ffff 0x0001/0x0000 0x0000000
20047f4.33e0: *0000000000020000-000000000003ffff 0x0004/0x0004 0x0020000
20147f4.33e0: *0000000000040000-000000000005afff 0x0002/0x0002 0x0040000
20247f4.33e0: 000000000005b000-000000000005ffff 0x0001/0x0000 0x0000000
20347f4.33e0: *0000000000060000-000000000015afff 0x0000/0x0004 0x0020000
20447f4.33e0: 000000000015b000-000000000015dfff 0x0104/0x0004 0x0020000
20547f4.33e0: 000000000015e000-000000000015ffff 0x0004/0x0004 0x0020000
20647f4.33e0: *0000000000160000-0000000000163fff 0x0002/0x0002 0x0040000
20747f4.33e0: 0000000000164000-000000000016ffff 0x0001/0x0000 0x0000000
20847f4.33e0: *0000000000170000-0000000000171fff 0x0004/0x0004 0x0020000
20947f4.33e0: 0000000000172000-00000000001fffff 0x0001/0x0000 0x0000000
21047f4.33e0: *0000000000200000-0000000000295fff 0x0000/0x0004 0x0020000
21147f4.33e0: 0000000000296000-0000000000298fff 0x0004/0x0004 0x0020000
21247f4.33e0: 0000000000299000-00000000003fffff 0x0000/0x0004 0x0020000
21347f4.33e0: 0000000000400000-000000007ffdffff 0x0001/0x0000 0x0000000
21447f4.33e0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
21547f4.33e0: 000000007ffe1000-000000007ffebfff 0x0001/0x0000 0x0000000
21647f4.33e0: *000000007ffec000-000000007ffecfff 0x0002/0x0002 0x0020000
21747f4.33e0: 000000007ffed000-00007ff51308ffff 0x0001/0x0000 0x0000000
21847f4.33e0: *00007ff513090000-00007ff513090fff 0x0002/0x0002 0x0040000
21947f4.33e0: 00007ff513091000-00007ff51309ffff 0x0001/0x0000 0x0000000
22047f4.33e0: *00007ff5130a0000-00007ff5130c2fff 0x0002/0x0002 0x0040000
22147f4.33e0: 00007ff5130c3000-00007ff6bfb3ffff 0x0001/0x0000 0x0000000
22247f4.33e0: *00007ff6bfb40000-00007ff6bfb40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22347f4.33e0: 00007ff6bfb41000-00007ff6bfbb6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22447f4.33e0: 00007ff6bfbb7000-00007ff6bfbb7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22547f4.33e0: 00007ff6bfbb8000-00007ff6bfbfffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22647f4.33e0: 00007ff6bfc00000-00007ff6bfc00fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22747f4.33e0: 00007ff6bfc01000-00007ff6bfc01fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22847f4.33e0: 00007ff6bfc02000-00007ff6bfc06fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22947f4.33e0: 00007ff6bfc07000-00007ff6bfc07fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
23047f4.33e0: 00007ff6bfc08000-00007ff6bfc08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
23147f4.33e0: 00007ff6bfc09000-00007ff6bfc0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
23247f4.33e0: 00007ff6bfc0d000-00007ff6bfc55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
23347f4.33e0: 00007ff6bfc56000-00007ffd7d39ffff 0x0001/0x0000 0x0000000
23447f4.33e0: *00007ffd7d3a0000-00007ffd7d3a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23547f4.33e0: 00007ffd7d3a1000-00007ffd7d4b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23647f4.33e0: 00007ffd7d4b8000-00007ffd7d4fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23747f4.33e0: 00007ffd7d4ff000-00007ffd7d50afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23847f4.33e0: 00007ffd7d50b000-00007ffd7d519fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
23947f4.33e0: 00007ffd7d51a000-00007ffd7d51afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
24047f4.33e0: 00007ffd7d51b000-00007ffd7d51dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
24147f4.33e0: 00007ffd7d51e000-00007ffd7d58ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
24247f4.33e0: 00007ffd7d590000-00007ffffffeffff 0x0001/0x0000 0x0000000
24347f4.33e0: supR3HardNtChildPurify: Done after 261 ms and 0 fixes (loop #0).
244207c.2dcc: Log file opened: 6.1.0r135406 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00
245207c.2dcc: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd7d3a0000 g_uNtVerCombined=0xa047bb00 (stack ~000000000015f698)
246207c.2dcc: ntdll.dll: timestamp 0x99ca0526 (rc=VINF_SUCCESS)
247207c.2dcc: New simple heap: #1 0000000000500000 LB 0x400000 (for 2031616 allocation)
24847f4.33e0: supR3HardNtEnableThreadCreationEx:
249207c.2dcc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
250207c.2dcc: System32: \Device\HarddiskVolume4\Windows\System32
251207c.2dcc: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
252207c.2dcc: KnownDllPath: C:\WINDOWS\System32
253207c.2dcc: supR3HardenedVmProcessInit: Opening vboxdrv stub...
254207c.2dcc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
255207c.2dcc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
256207c.2dcc: Registered Dll notification callback with NTDLL.
257207c.2dcc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
258207c.2dcc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
259207c.2dcc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
260207c.2dcc: supR3HardenedDllNotificationCallback: load 00007ffd7a5e0000 LB 0x002a3000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
261207c.2dcc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
262207c.2dcc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
263207c.2dcc: supR3HardenedDllNotificationCallback: load 00007ffd7be00000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
264207c.2dcc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
265207c.2dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7be00000 'C:\WINDOWS\System32\KERNEL32.DLL'
266207c.2dcc: supR3HardenedDllNotificationCallback: load 00007ff6bfb40000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
267207c.2dcc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
268207c.2dcc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
269207c.2dcc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
270207c.2dcc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd7d4117f0 pvNtTerminateThread=00007ffd7d43cb10
27147f4.33e0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 72 ms.
272207c.2dcc: \SystemRoot\System32\ntdll.dll:
273207c.2dcc: CreationTime: 2019-10-07T02:56:35.364321800Z
274207c.2dcc: LastWriteTime: 2019-10-07T02:56:35.396310100Z
275207c.2dcc: ChangeTime: 2019-12-26T04:46:09.958629900Z
276207c.2dcc: FileAttributes: 0x20
277207c.2dcc: Size: 0x1e8528
278207c.2dcc: NT Headers: 0xd8
279207c.2dcc: Timestamp: 0x99ca0526
280207c.2dcc: Machine: 0x8664 - amd64
281207c.2dcc: Timestamp: 0x99ca0526
282207c.2dcc: Image Version: 10.0
283207c.2dcc: SizeOfImage: 0x1f0000 (2031616)
284207c.2dcc: Resource Dir: 0x17f000 LB 0x6f310
285207c.2dcc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
286207c.2dcc: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
287207c.2dcc: ProductName: Microsoft® Windows® Operating System
288207c.2dcc: ProductVersion: 10.0.18362.418
289207c.2dcc: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
290207c.2dcc: FileDescription: NT Layer DLL
291207c.2dcc: \SystemRoot\System32\kernel32.dll:
292207c.2dcc: CreationTime: 2019-10-07T02:56:13.442518200Z
293207c.2dcc: LastWriteTime: 2019-10-07T02:56:13.442518200Z
294207c.2dcc: ChangeTime: 2019-12-26T04:46:09.821002000Z
295207c.2dcc: FileAttributes: 0x20
296207c.2dcc: Size: 0xb0570
297207c.2dcc: NT Headers: 0xe8
298207c.2dcc: Timestamp: 0xd0cecc10
299207c.2dcc: Machine: 0x8664 - amd64
300207c.2dcc: Timestamp: 0xd0cecc10
301207c.2dcc: Image Version: 10.0
302207c.2dcc: SizeOfImage: 0xb2000 (729088)
303207c.2dcc: Resource Dir: 0xb0000 LB 0x520
304207c.2dcc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
305207c.2dcc: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
306207c.2dcc: ProductName: Microsoft® Windows® Operating System
307207c.2dcc: ProductVersion: 10.0.18362.329
308207c.2dcc: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
309207c.2dcc: FileDescription: Windows NT BASE API Client DLL
310207c.2dcc: \SystemRoot\System32\KernelBase.dll:
311207c.2dcc: CreationTime: 2019-12-26T04:45:38.591012300Z
312207c.2dcc: LastWriteTime: 2019-12-26T04:45:38.645894200Z
313207c.2dcc: ChangeTime: 2019-12-26T21:24:08.108582900Z
314207c.2dcc: FileAttributes: 0x20
315207c.2dcc: Size: 0x2a2638
316207c.2dcc: NT Headers: 0xf0
317207c.2dcc: Timestamp: 0x50cc8d5a
318207c.2dcc: Machine: 0x8664 - amd64
319207c.2dcc: Timestamp: 0x50cc8d5a
320207c.2dcc: Image Version: 10.0
321207c.2dcc: SizeOfImage: 0x2a3000 (2764800)
322207c.2dcc: Resource Dir: 0x27d000 LB 0x548
323207c.2dcc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
324207c.2dcc: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
325207c.2dcc: ProductName: Microsoft® Windows® Operating System
326207c.2dcc: ProductVersion: 10.0.18362.535
327207c.2dcc: FileVersion: 10.0.18362.535 (WinBuild.160101.0800)
328207c.2dcc: FileDescription: Windows NT BASE API Client DLL
329207c.2dcc: \SystemRoot\System32\apisetschema.dll:
330207c.2dcc: CreationTime: 2019-03-19T04:43:54.837151500Z
331207c.2dcc: LastWriteTime: 2019-03-19T04:43:54.837151500Z
332207c.2dcc: ChangeTime: 2019-12-26T04:46:09.813023200Z
333207c.2dcc: FileAttributes: 0x20
334207c.2dcc: Size: 0x1d028
335207c.2dcc: NT Headers: 0xc8
336207c.2dcc: Timestamp: 0xd6ced080
337207c.2dcc: Machine: 0x8664 - amd64
338207c.2dcc: Timestamp: 0xd6ced080
339207c.2dcc: Image Version: 10.0
340207c.2dcc: SizeOfImage: 0x1e000 (122880)
341207c.2dcc: Resource Dir: 0x1d000 LB 0x408
342207c.2dcc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
343207c.2dcc: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
344207c.2dcc: ProductName: Microsoft® Windows® Operating System
345207c.2dcc: ProductVersion: 10.0.18362.1
346207c.2dcc: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
347207c.2dcc: FileDescription: ApiSet Schema DLL
348207c.2dcc: NtOpenDirectoryObject failed on \Driver: 0xc0000022
349207c.2dcc: supR3HardenedWinFindAdversaries: 0x0
350207c.2dcc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
351207c.2dcc: Calling main()
352207c.2dcc: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
353207c.2dcc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
354207c.2dcc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
355207c.2dcc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
356207c.2dcc: SUPR3HardenedMain: Respawn #2
357207c.2dcc: supR3HardNtEnableThreadCreationEx:
358207c.2dcc: supR3HardenedDllNotificationCallback: load 00007ffd7d060000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
359207c.2dcc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
360207c.2dcc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
361207c.2dcc: supR3HardenedDllNotificationCallback: load 00007ffd7b450000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
362207c.2dcc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
363207c.2dcc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
364207c.2dcc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
365207c.2dcc: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
366207c.2dcc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll)
367207c.2dcc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll
368207c.2dcc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
369207c.2dcc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
370207c.2dcc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
371207c.2dcc: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
372207c.2dcc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7d3a0000 'C:\WINDOWS\System32\ntdll.dll'
373207c.2dcc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd7d4117f0 pvNtTerminateThread=00007ffd7d43cb10
374207c.2dcc: supR3HardenedWinDoReSpawn(2): New child 5058.4d1c [kernel32].
375207c.2dcc: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
376207c.2dcc: supR3HardNtChildGatherData: PebBaseAddress=0000000000a81000 cbPeb=0x388
377207c.2dcc: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd7d3a0000 uNtDllChildAddr=00007ffd7d3a0000
378207c.2dcc: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd7d4117f0
379207c.2dcc: supR3HardenedWinSetupChildInit: Initial context:
380 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6bfb47900 rdx=0000000000a81000
381 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
382 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
383 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
384 rip=00007ffd7d40ceb0 rsp=0000000000d1fe28 rbp=0000000000000000 ctxflags=0010001b
385 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
386 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
387 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
388 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
389 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
390207c.2dcc: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
391207c.2dcc: supR3HardenedWinSetupChildInit: Start child.
392207c.2dcc: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
393207c.2dcc: supR3HardNtChildPurify: Startup delay kludge #1/0: 257 ms, 29 sleeps
394207c.2dcc: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
395207c.2dcc: *0000000000000000-00000000009cffff 0x0001/0x0000 0x0000000
396207c.2dcc: *00000000009d0000-00000000009effff 0x0004/0x0004 0x0020000
397207c.2dcc: *00000000009f0000-00000000009f3fff 0x0002/0x0002 0x0040000
398207c.2dcc: 00000000009f4000-00000000009fffff 0x0001/0x0000 0x0000000
399207c.2dcc: *0000000000a00000-0000000000a80fff 0x0000/0x0004 0x0020000
400207c.2dcc: 0000000000a81000-0000000000a83fff 0x0004/0x0004 0x0020000
401207c.2dcc: 0000000000a84000-0000000000bfffff 0x0000/0x0004 0x0020000
402207c.2dcc: *0000000000c00000-0000000000c1afff 0x0002/0x0002 0x0040000
403207c.2dcc: 0000000000c1b000-0000000000c1ffff 0x0001/0x0000 0x0000000
404207c.2dcc: *0000000000c20000-0000000000d1afff 0x0000/0x0004 0x0020000
405207c.2dcc: 0000000000d1b000-0000000000d1dfff 0x0104/0x0004 0x0020000
406207c.2dcc: 0000000000d1e000-0000000000d1ffff 0x0004/0x0004 0x0020000
407207c.2dcc: *0000000000d20000-0000000000d21fff 0x0004/0x0004 0x0020000
408207c.2dcc: 0000000000d22000-000000007ffdffff 0x0001/0x0000 0x0000000
409207c.2dcc: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
410207c.2dcc: 000000007ffe1000-000000007ffebfff 0x0001/0x0000 0x0000000
411207c.2dcc: *000000007ffec000-000000007ffecfff 0x0002/0x0002 0x0020000
412207c.2dcc: 000000007ffed000-00007ff5cb28ffff 0x0001/0x0000 0x0000000
413207c.2dcc: *00007ff5cb290000-00007ff5cb290fff 0x0002/0x0002 0x0040000
414207c.2dcc: 00007ff5cb291000-00007ff5cb29ffff 0x0001/0x0000 0x0000000
415207c.2dcc: *00007ff5cb2a0000-00007ff5cb2c2fff 0x0002/0x0002 0x0040000
416207c.2dcc: 00007ff5cb2c3000-00007ff6bfb3ffff 0x0001/0x0000 0x0000000
417207c.2dcc: *00007ff6bfb40000-00007ff6bfb40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
418207c.2dcc: 00007ff6bfb41000-00007ff6bfbb6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
419207c.2dcc: 00007ff6bfbb7000-00007ff6bfbb7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
420207c.2dcc: 00007ff6bfbb8000-00007ff6bfbfffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
421207c.2dcc: 00007ff6bfc00000-00007ff6bfc00fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
422207c.2dcc: 00007ff6bfc01000-00007ff6bfc01fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
423207c.2dcc: 00007ff6bfc02000-00007ff6bfc06fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
424207c.2dcc: 00007ff6bfc07000-00007ff6bfc07fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
425207c.2dcc: 00007ff6bfc08000-00007ff6bfc08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
426207c.2dcc: 00007ff6bfc09000-00007ff6bfc0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
427207c.2dcc: 00007ff6bfc0d000-00007ff6bfc55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
428207c.2dcc: 00007ff6bfc56000-00007ffd7d39ffff 0x0001/0x0000 0x0000000
429207c.2dcc: *00007ffd7d3a0000-00007ffd7d3a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
430207c.2dcc: 00007ffd7d3a1000-00007ffd7d4b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
431207c.2dcc: 00007ffd7d4b8000-00007ffd7d4fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
432207c.2dcc: 00007ffd7d4ff000-00007ffd7d50afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
433207c.2dcc: 00007ffd7d50b000-00007ffd7d519fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
434207c.2dcc: 00007ffd7d51a000-00007ffd7d51afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
435207c.2dcc: 00007ffd7d51b000-00007ffd7d51dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
436207c.2dcc: 00007ffd7d51e000-00007ffd7d58ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
437207c.2dcc: 00007ffd7d590000-00007ffffffeffff 0x0001/0x0000 0x0000000
438207c.2dcc: VirtualBoxVM.exe: timestamp 0x5defad4f (rc=VINF_SUCCESS)
439207c.2dcc: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
440207c.2dcc: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
441207c.2dcc: supR3HardNtChildPurify: Done after 286 ms and 0 fixes (loop #0).
4425058.4d1c: Log file opened: 6.1.0r135406 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00
4435058.4d1c: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd7d3a0000 g_uNtVerCombined=0xa047bb00 (stack ~0000000000d1f8b8)
444207c.2dcc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000500000 LB 0x400000)
445207c.2dcc: supR3HardNtEnableThreadCreationEx:
4465058.4d1c: ntdll.dll: timestamp 0x99ca0526 (rc=VINF_SUCCESS)
4475058.4d1c: New simple heap: #1 0000000000e30000 LB 0x400000 (for 2031616 allocation)
4485058.4d1c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
4495058.4d1c: System32: \Device\HarddiskVolume4\Windows\System32
4505058.4d1c: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
4515058.4d1c: KnownDllPath: C:\WINDOWS\System32
4525058.4d1c: supR3HardenedVmProcessInit: Opening vboxdrv...
4535058.4d1c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
4545058.4d1c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
4555058.4d1c: Registered Dll notification callback with NTDLL.
4565058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
4575058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
4585058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
4595058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a5e0000 LB 0x002a3000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
4605058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
4615058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
4625058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7be00000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
4635058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
4645058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7be00000 'C:\WINDOWS\System32\KERNEL32.DLL'
4655058.4d1c: supR3HardenedDllNotificationCallback: load 00007ff6bfb40000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
4665058.4d1c: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
4675058.4d1c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
4685058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4695058.4d1c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd7d4117f0 pvNtTerminateThread=00007ffd7d43cb10
470207c.2dcc: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 133 ms.
4715058.4d1c: \SystemRoot\System32\ntdll.dll:
4725058.4d1c: CreationTime: 2019-10-07T02:56:35.364321800Z
4735058.4d1c: LastWriteTime: 2019-10-07T02:56:35.396310100Z
4745058.4d1c: ChangeTime: 2019-12-26T04:46:09.958629900Z
4755058.4d1c: FileAttributes: 0x20
4765058.4d1c: Size: 0x1e8528
4775058.4d1c: NT Headers: 0xd8
4785058.4d1c: Timestamp: 0x99ca0526
4795058.4d1c: Machine: 0x8664 - amd64
4805058.4d1c: Timestamp: 0x99ca0526
4815058.4d1c: Image Version: 10.0
4825058.4d1c: SizeOfImage: 0x1f0000 (2031616)
4835058.4d1c: Resource Dir: 0x17f000 LB 0x6f310
4845058.4d1c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4855058.4d1c: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
4865058.4d1c: ProductName: Microsoft® Windows® Operating System
4875058.4d1c: ProductVersion: 10.0.18362.418
4885058.4d1c: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
4895058.4d1c: FileDescription: NT Layer DLL
4905058.4d1c: \SystemRoot\System32\kernel32.dll:
4915058.4d1c: CreationTime: 2019-10-07T02:56:13.442518200Z
4925058.4d1c: LastWriteTime: 2019-10-07T02:56:13.442518200Z
4935058.4d1c: ChangeTime: 2019-12-26T04:46:09.821002000Z
4945058.4d1c: FileAttributes: 0x20
4955058.4d1c: Size: 0xb0570
4965058.4d1c: NT Headers: 0xe8
4975058.4d1c: Timestamp: 0xd0cecc10
4985058.4d1c: Machine: 0x8664 - amd64
4995058.4d1c: Timestamp: 0xd0cecc10
5005058.4d1c: Image Version: 10.0
5015058.4d1c: SizeOfImage: 0xb2000 (729088)
5025058.4d1c: Resource Dir: 0xb0000 LB 0x520
5035058.4d1c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5045058.4d1c: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
5055058.4d1c: ProductName: Microsoft® Windows® Operating System
5065058.4d1c: ProductVersion: 10.0.18362.329
5075058.4d1c: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
5085058.4d1c: FileDescription: Windows NT BASE API Client DLL
5095058.4d1c: \SystemRoot\System32\KernelBase.dll:
5105058.4d1c: CreationTime: 2019-12-26T04:45:38.591012300Z
5115058.4d1c: LastWriteTime: 2019-12-26T04:45:38.645894200Z
5125058.4d1c: ChangeTime: 2019-12-26T21:24:08.108582900Z
5135058.4d1c: FileAttributes: 0x20
5145058.4d1c: Size: 0x2a2638
5155058.4d1c: NT Headers: 0xf0
5165058.4d1c: Timestamp: 0x50cc8d5a
5175058.4d1c: Machine: 0x8664 - amd64
5185058.4d1c: Timestamp: 0x50cc8d5a
5195058.4d1c: Image Version: 10.0
5205058.4d1c: SizeOfImage: 0x2a3000 (2764800)
5215058.4d1c: Resource Dir: 0x27d000 LB 0x548
5225058.4d1c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5235058.4d1c: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5245058.4d1c: ProductName: Microsoft® Windows® Operating System
5255058.4d1c: ProductVersion: 10.0.18362.535
5265058.4d1c: FileVersion: 10.0.18362.535 (WinBuild.160101.0800)
5275058.4d1c: FileDescription: Windows NT BASE API Client DLL
5285058.4d1c: \SystemRoot\System32\apisetschema.dll:
5295058.4d1c: CreationTime: 2019-03-19T04:43:54.837151500Z
5305058.4d1c: LastWriteTime: 2019-03-19T04:43:54.837151500Z
5315058.4d1c: ChangeTime: 2019-12-26T04:46:09.813023200Z
5325058.4d1c: FileAttributes: 0x20
5335058.4d1c: Size: 0x1d028
5345058.4d1c: NT Headers: 0xc8
5355058.4d1c: Timestamp: 0xd6ced080
5365058.4d1c: Machine: 0x8664 - amd64
5375058.4d1c: Timestamp: 0xd6ced080
5385058.4d1c: Image Version: 10.0
5395058.4d1c: SizeOfImage: 0x1e000 (122880)
5405058.4d1c: Resource Dir: 0x1d000 LB 0x408
5415058.4d1c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5425058.4d1c: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
5435058.4d1c: ProductName: Microsoft® Windows® Operating System
5445058.4d1c: ProductVersion: 10.0.18362.1
5455058.4d1c: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
5465058.4d1c: FileDescription: ApiSet Schema DLL
5475058.4d1c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
5485058.4d1c: supR3HardenedWinFindAdversaries: 0x0
5495058.4d1c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
5505058.4d1c: Calling main()
5515058.4d1c: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
5525058.4d1c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
5535058.4d1c: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
5545058.4d1c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
5555058.4d1c: SUPR3HardenedMain: Final process, opening VBoxDrv...
5565058.4d1c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000e30000 LB 0x400000)
5575058.4d1c: supR3HardNtEnableThreadCreationEx:
5585058.4d1c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
5595058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
5605058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5615058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5625058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd783a0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
5635058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5645058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5655058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5665058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd783a0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5675058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5685058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5695058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd783a0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5705058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd783a0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5715058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5725058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
5735058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
5745058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
5755058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
5765058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
5775058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5785058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5795058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
5805058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
5815058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
5825058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
5835058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'msasn1.dll'.
5845058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
5855058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
5865058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
5875058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
5885058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
5895058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
5905058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5915058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5925058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
5935058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
5945058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
5955058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
5965058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
5975058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5985058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7bd60000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
5995058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6005058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a2a0000 LB 0x00012000 C:\WINDOWS\System32\MSASN1.dll [fFlags=0x0]
6015058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6025058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a890000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
6035058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll)
6045058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll
6055058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a430000 LB 0x00149000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
6065058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6075058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7d060000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
6085058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6095058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a580000 LB 0x0005c000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
6105058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6115058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
6125058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6135058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-synch-l1-2-0'
6145058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
6155058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6165058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-fibers-l1-1-1'
6175058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
6185058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6195058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-fibers-l1-1-1'
6205058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
6215058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6225058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-synch-l1-2-0'
6235058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
6245058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6255058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-localization-l1-2-1'
6265058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a580000 'C:\WINDOWS\system32\Wintrust.dll'
6275058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
6285058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
6295058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6305058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a9e0000 LB 0x00026000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
6315058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6325058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a9e0000 'C:\WINDOWS\system32\bcrypt.dll'
6335058.4d1c: bcrypt.dll loaded at 00007ffd7a9e0000, BCryptOpenAlgorithmProvider at 00007ffd7a9e4c70, preloading providers:
6345058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
6355058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
6365058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6375058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7b3d0000 LB 0x00080000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
6385058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6395058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7b3d0000 'C:\WINDOWS\system32\bcryptprimitives.dll'
6405058.4d1c: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000012ef8a0)
6415058.4d1c: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000012efdf0)
6425058.4d1c: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000012f00f0)
6435058.4d1c: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000012f03f0)
6445058.4d1c: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000012f06f0)
6455058.4d1c: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000012f09f0)
6465058.4d1c: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000012f0cf0)
6475058.4d1c: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000012f0ff0)
6485058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a9c0000 LB 0x00017000 C:\WINDOWS\System32\CRYPTSP.dll [fFlags=0x0]
6495058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
6505058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
6515058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
6525058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
6535058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
6545058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
6555058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
6565058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6575058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6585058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6595058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd79650000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
6605058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6615058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
6625058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
6635058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
6645058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
6655058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd79cb0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
6665058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
6675058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
6685058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
6695058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
6705058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6715058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6725058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7be00000 'C:\WINDOWS\System32\kernel32.dll'
6735058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6745058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6755058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a580000 'C:\WINDOWS\System32\WINTRUST.DLL'
6765058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6775058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6785058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\CRYPT32.dll'
6795058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7cf40000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
6805058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
6815058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
6825058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
6835058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6845058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6855058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6865058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6875058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6885058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
6895058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7b450000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
6905058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
6915058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
6925058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
6935058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6945058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
6955058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
6965058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
6975058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd78e70000 LB 0x00022000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
6985058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
6995058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a2c0000 LB 0x0001f000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
7005058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
7015058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
7025058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7035058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
7045058.4d1c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
7055058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
7065058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7075058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7085058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7095058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7105058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7115058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7125058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7135058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7145058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7155058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7165058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7175058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7185058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7195058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7205058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7215058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7225058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7235058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd67f20000 LB 0x0002f000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
7245058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7255058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7265058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7275058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7285058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7295058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7305058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7315058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7325058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7335058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7345058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7355058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7365058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7375058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7385058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7395058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7405058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7415058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7425058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7435058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7445058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7455058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7465058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7475058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7485058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7495058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7505058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7515058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7525058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7535058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\WINDOWS\System32\cryptnet.dll'
7545058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7555058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67f20000 'C:\Windows\System32\cryptnet.dll'
7565058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7d180000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
7575058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7585058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
7595058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
7605058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
7615058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
7625058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7635058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7645058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7655058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7665058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
7675058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
7685058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
7695058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7705058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7715058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7725058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7735058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
7745058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7755058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7765058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
7775058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
7785058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000134f170
7795058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
7805058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E42142C43484BA84DDDB10D97303487D47E882DE
7815058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7825058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7835058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7d060000 'C:\WINDOWS\System32\rpcrt4.dll'
7845058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7855058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7865058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
7875058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7885058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7895058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
7905058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\SystemRoot\System32\ntdll.dll'
7915058.4d1c: g_pfnWinVerifyTrust=00007ffd7a5861f0
7925058.4d1c: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
7935058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7945058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7955058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
7965058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7975058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7985058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
7995058.4d1c: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
8005058.4d1c: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
8015058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8025058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8035058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8045058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
8055058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8065058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8075058.4d1c: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
8085058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8095058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8105058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8115058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8125058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
8135058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000038c pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
8145058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
8155058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
8165058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
8175058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8185058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8195058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8205058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
8215058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8225058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
8235058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8245058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8255058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8265058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
8275058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8285058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8295058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8305058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
8315058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8325058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8335058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8345058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
8355058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8365058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8375058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8385058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
8395058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8405058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8415058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8425058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
8435058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8445058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8455058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
8465058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8475058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8485058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
8495058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
8505058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8515058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8525058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8535058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
8545058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8555058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8565058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
8575058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8585058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8595058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
8605058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8615058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8625058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll'
8635058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8645058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8655058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
8665058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8675058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8685058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
8695058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8705058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8715058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
8725058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8735058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
8745058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8755058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
8765058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8775058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8785058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
8795058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
8805058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
8815058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
8825058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\system32\crypt32.dll'
8835058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x12c425dbb49edf00 C=US, ST=California, L=Irvine, O=Blizzard Entertainment, OU=Battle.net, CN=Blizzard Battle.net Local Cert
8845058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x9f82c7ac3e60f84e CN=PETDEL241.petuna.local
8855058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
8865058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
8875058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
8885058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
8895058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
8905058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xd245c92064d2b700 CN=ESET SSL Filter CA, O=ESET, spol. s r. o., C=SK
8915058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
8925058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
8935058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
8945058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xd245c92064d2b700 CN=ESET SSL Filter CA, O=ESET, spol. s r. o., C=SK
8955058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
8965058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
8975058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
8985058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
8995058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
9005058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
9015058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
9025058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
9035058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
9045058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
9055058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
9065058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
9075058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
9085058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
9095058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
9105058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
9115058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
9125058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
9135058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
9145058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
9155058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
9165058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
9175058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
9185058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
9195058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
9205058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
9215058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xef477acf4ab2d300 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009
9225058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
9235058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
9245058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
9255058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
9265058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
9275058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
9285058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
9295058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
9305058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
9315058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
9325058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
9335058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
9345058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
9355058.4d1c: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: OU=Domain Control Validated, CN=remote.petuna.com
9365058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x6c032f6fb558b700 CN=petuna-CORSVRSBS-CA
9375058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0x6c032f6fb558b700 CN=petuna-CORSVRSBS-CA
9385058.4d1c: supR3HardenedWinIsDesiredRootCA: Adding 0xbb0707c8bc95c900 DC=local, DC=petuna, CN=petuna-PDS-DC01-CA
9395058.4d1c: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=55
9405058.4d1c: SUPR3HardenedMain: Load Runtime...
9415058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
9425058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
9435058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
9445058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
9455058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
9465058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
9475058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9485058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
9495058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
9505058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
9515058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
9525058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
9535058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) WinVerifyTrust
9545058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
9555058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9565058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9575058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
9585058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9595058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9605058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9615058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9625058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
9635058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
9645058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
9655058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
9665058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
9675058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9685058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9695058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9705058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9715058.4d1c: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9725058.4d1c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
9735058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
9745058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
9755058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
9765058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
9775058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9785058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
9795058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
9805058.4d1c: supR3HardenedDllNotificationCallback: load 000000006b5a0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
9815058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
9825058.4d1c: supR3HardenedDllNotificationCallback: load 000000006aa20000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
9835058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
9845058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7cf60000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
9855058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
9865058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd1f570000 LB 0x005e7000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
9875058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9885058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9895058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
9905058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9915058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9925058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9935058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9945058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
9955058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9965058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
9975058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
9985058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9995058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10005058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10015058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10025058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10035058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10045058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10055058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10065058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10075058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10085058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10095058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10105058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10115058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10125058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10135058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10145058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10155058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10165058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10175058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10185058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10195058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10205058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10215058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10225058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10235058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10245058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10255058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10265058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10275058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10285058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10295058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10305058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10315058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10325058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10335058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10345058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10355058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10365058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10375058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10385058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10395058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10405058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10415058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10425058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10435058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10445058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10455058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10465058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10475058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10485058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10495058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10505058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10515058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10525058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10535058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10545058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10555058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10565058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10575058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10585058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10595058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10605058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10615058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10625058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10635058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10645058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10655058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10665058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10675058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10685058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10695058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10705058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10715058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10725058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10735058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10745058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10755058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10765058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10775058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10785058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10795058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10805058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10815058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10825058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10835058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10845058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10855058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10865058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10875058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10885058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10895058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10905058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10915058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10925058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10935058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10945058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10955058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10965058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10975058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10985058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10995058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11005058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11015058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11025058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11035058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11045058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11055058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11065058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11075058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11085058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11095058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11105058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11115058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11125058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11135058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11145058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11155058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11165058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11175058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11185058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11195058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11205058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11215058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11225058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11235058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11245058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11255058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11265058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11275058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11285058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11295058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11305058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11315058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11325058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11335058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11345058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11355058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11365058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11375058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11385058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11395058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11405058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11415058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11425058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11435058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11445058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11455058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11465058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11475058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11485058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11495058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
11505058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11515058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11525058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11535058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11545058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11555058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11565058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11575058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11585058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11595058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11605058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11615058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11625058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11635058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11645058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f570000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11655058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
11665058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'
11675058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll
11685058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
11695058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a580000 'C:\WINDOWS\system32\Wintrust.dll'
11705058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
11715058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11725058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
11735058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
11745058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
11755058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
11765058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\system32\crypt32.dll'
11775058.4d1c: SUPR3HardenedMain: Load TrustedMain...
11785058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
11795058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
11805058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
11815058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
11825058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
11835058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
11845058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
11855058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
11865058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
11875058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
11885058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
11895058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
11905058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
11915058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
11925058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
11935058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
11945058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
11955058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
11965058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
11975058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
11985058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
11995058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
12005058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) WinVerifyTrust
12015058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
12025058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
12035058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
12045058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12055058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12065058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
12075058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
12085058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
12095058.4d1c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
12105058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12115058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
12125058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
12135058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12145058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12155058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
12165058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
12175058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
12185058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12195058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
12205058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
12215058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
12225058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
12235058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) WinVerifyTrust
12245058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
12255058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12265058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12275058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12285058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12295058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
12305058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
12315058.4d1c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
12325058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
12335058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'bcryptprimitives.dll'.
12345058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
12355058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
12365058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
12375058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
12385058.4d1c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
12395058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll)
12405058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
12415058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
12425058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
12435058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
12445058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12455058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12465058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
12475058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
12485058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
12495058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
12505058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
12515058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
12525058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) WinVerifyTrust
12535058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
12545058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12555058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12565058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
12575058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
12585058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
12595058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12605058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12615058.4d1c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
12625058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
12635058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
12645058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
12655058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
12665058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12675058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12685058.4d1c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
12695058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
12705058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
12715058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
12725058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12735058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12745058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
12755058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
12765058.4d1c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
12775058.4d1c: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports
12785058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll)
12795058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll
12805058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12815058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12825058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12835058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
12845058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
12855058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
12865058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
12875058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
12885058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
12895058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
12905058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) WinVerifyTrust
12915058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
12925058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
12935058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12945058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12955058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12965058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
12975058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
12985058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
12995058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
13005058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
13015058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
13025058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
13035058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
13045058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
13055058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
13065058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
13075058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
13085058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13095058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13105058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
13115058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13125058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13135058.4d1c: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
13145058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
13155058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
13165058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
13175058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
13185058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
13195058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
13205058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
13215058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
13225058.4d1c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
13235058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
13245058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13255058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13265058.4d1c: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
13275058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
13285058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
13295058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
13305058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
13315058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
13325058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
13335058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
13345058.4d1c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
13355058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
13365058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
13375058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
13385058.4d1c: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
13395058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
13405058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
13415058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
13425058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
13435058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
13445058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
13455058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
13465058.4d1c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
13475058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
13485058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13495058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13505058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
13515058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13525058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13535058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
13545058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
13555058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
13565058.4d1c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
13575058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
13585058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
13595058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
13605058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
13615058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13625058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13635058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13645058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13655058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13665058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
13675058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13685058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13695058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
13705058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13715058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13725058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13735058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13745058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13755058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
13765058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13775058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13785058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
13795058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13805058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13815058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13825058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13835058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13845058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
13855058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13865058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13875058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13885058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
13895058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
13905058.4d1c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
13915058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13925058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
13935058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
13945058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
13955058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
13965058.4d1c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
13975058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
13985058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13995058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
14005058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
14015058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14025058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14035058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
14045058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14055058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14065058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
14075058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
14085058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
14095058.4d1c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
14105058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll)
14115058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll
14125058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
14135058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
14145058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
14155058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14165058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
14175058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
14185058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14195058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
14205058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
14215058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14225058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14235058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
14245058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14255058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14265058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14275058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
14285058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
14295058.4d1c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
14305058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14315058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
14325058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
14335058.4d1c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
14345058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
14355058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14365058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14375058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14385058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14395058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14405058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14415058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14425058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
14435058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
14445058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14455058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14465058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
14475058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14485058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14495058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14505058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14515058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14525058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14535058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14545058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
14555058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
14565058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14575058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14585058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14595058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14605058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14615058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
14625058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
14635058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
14645058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14655058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
14665058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
14675058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
14685058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
14695058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
14705058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
14715058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14725058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14735058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
14745058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14755058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14765058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
14775058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14785058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14795058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
14805058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14815058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14825058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
14835058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14845058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14855058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14865058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14875058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14885058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
14895058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14905058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14915058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14925058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14935058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14945058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14955058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
14965058.4d1c: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
14975058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14985058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14995058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
15005058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
15015058.4d1c: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
15025058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15035058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15045058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
15055058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15065058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15075058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
15085058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
15095058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
15105058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
15115058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
15125058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
15135058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
15145058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
15155058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
15165058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
15175058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
15185058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
15195058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
15205058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
15215058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
15225058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
15235058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
15245058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
15255058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15265058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
15275058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
15285058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
15295058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
15305058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
15315058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
15325058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15335058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15345058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
15355058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
15365058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
15375058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
15385058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
15395058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
15405058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15415058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15425058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
15435058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15445058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15455058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
15465058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
15475058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
15485058.4d1c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
15495058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15505058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15515058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
15525058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15535058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15545058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
15555058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15565058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15575058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
15585058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
15595058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
15605058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
15615058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
15625058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15635058.4d1c: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
15645058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
15655058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
15665058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
15675058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
15685058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
15695058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
15705058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
15715058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
15725058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
15735058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
15745058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
15755058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
15765058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
15775058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
15785058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DXCore.dll)
15795058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DXCore.dll
15805058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a990000 LB 0x00021000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
15815058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
15825058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7aa10000 LB 0x0009e000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
15835058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
15845058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7b230000 LB 0x00194000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
15855058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
15865058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
15875058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
15885058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
15895058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32full.dll)
15905058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32full.dll
15915058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7c6a0000 LB 0x00026000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
15925058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
15935058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7cda0000 LB 0x00194000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
15945058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [avoiding WinVerifyTrust]
15955058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7c810000 LB 0x00336000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
15965058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
15975058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a3e0000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
15985058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
15995058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
16005058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd78f80000 LB 0x00020000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0]
16015058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
16025058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd35240000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
16035058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
16045058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd346d0000 LB 0x00156000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
16055058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
16065058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7bcb0000 LB 0x000a9000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
16075058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16085058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'.
16095058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
16105058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
16115058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
16125058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a270000 LB 0x00010000 C:\WINDOWS\System32\UMPDC.dll [fFlags=0x0]
16135058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\umpdc.dll)
16145058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\umpdc.dll
16155058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a2e0000 LB 0x0004a000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
16165058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
16175058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'umpdc.dll'.
16185058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll)
16195058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
16205058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7cfd0000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
16215058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
16225058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
16235058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
16245058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
16255058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
16265058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a280000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
16275058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
16285058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
16295058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
16305058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
16315058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7aab0000 LB 0x0077f000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
16325058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
16335058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
16345058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'.
16355058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'.
16365058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll)
16375058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll
16385058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7b5c0000 LB 0x006e5000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
16395058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
16405058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7bec0000 LB 0x00156000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
16415058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
16425058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd683c0000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
16435058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
16445058.4d1c: supR3HardenedDllNotificationCallback: load 000000006b030000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
16455058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
16465058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffcfd960000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
16475058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
16485058.4d1c: supR3HardenedDllNotificationCallback: load 000000006aac0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
16495058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
16505058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7c6e0000 LB 0x000c4000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
16515058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
16525058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffcfdf60000 LB 0x0260b000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
16535058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
16545058.4d1c: supR3HardenedDllNotificationCallback: load 000000006a9c0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
16555058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
16565058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd78320000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
16575058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
16585058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd78350000 LB 0x00024000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
16595058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
16605058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd443a0000 LB 0x001c9000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
16615058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
16625058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
16635058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
16645058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
16655058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
16665058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
16675058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
16685058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
16695058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
16705058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
16715058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
16725058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
16735058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
16745058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
16755058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
16765058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
16775058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
16785058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
16795058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
16805058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
16815058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
16825058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
16835058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
16845058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
16855058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
16865058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
16875058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
16885058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
16895058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
16905058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
16915058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
16925058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
16935058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
16945058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
16955058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
16965058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
16975058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
16985058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
16995058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
17005058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
17015058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
17025058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
17035058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
17045058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17055058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17065058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17075058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17085058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
17095058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
17105058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
17115058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
17125058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
17135058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
17145058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
17155058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
17165058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17175058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17185058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17195058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17205058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17215058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17225058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
17235058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
17245058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
17255058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17265058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17275058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
17285058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
17295058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
17305058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17315058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17325058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'umpdc.dll'...
17335058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'umpdc.dll' -> '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rcNtRedir=0xc0150008]
17345058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\umpdc.dll [redoing WinVerifyTrust]
17355058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
17365058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\umpdc.dll
17375058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17385058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17395058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
17405058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
17415058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
17425058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
17435058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
17445058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17455058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17465058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
17475058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17485058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17495058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
17505058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
17515058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
17525058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
17535058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
17545058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17555058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17565058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
17575058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
17585058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
17595058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17605058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17615058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
17625058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
17635058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
17645058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17655058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17665058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
17675058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
17685058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
17695058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
17705058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
17715058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
17725058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
17735058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
17745058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17755058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17765058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
17775058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
17785058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
17795058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17805058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7be00000 'C:\WINDOWS\System32\kernel32.dll'
17815058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
17825058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
17835058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
17845058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
17855058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
17865058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
17875058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
17885058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
17895058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
17905058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
17915058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
17925058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
17935058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
17945058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
17955058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
17965058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
17975058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
17985058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
17995058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
18005058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
18015058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
18025058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
18035058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
18045058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
18055058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18065058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18075058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
18085058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
18095058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
18105058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
18115058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
18125058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
18135058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
18145058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
18155058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
18165058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
18175058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
18185058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
18195058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
18205058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
18215058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
18225058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
18235058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
18245058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
18255058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
18265058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
18275058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
18285058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
18295058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
18305058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
18315058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
18325058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
18335058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
18345058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
18355058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
18365058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
18375058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
18385058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
18395058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
18405058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
18415058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
18425058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
18435058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18445058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18455058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
18465058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
18475058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
18485058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
18495058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
18505058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
18515058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
18525058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
18535058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
18545058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
18555058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
18565058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
18575058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
18585058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
18595058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-string-l1-1-0'
18605058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
18615058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
18625058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
18635058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
18645058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
18655058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
18665058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
18675058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
18685058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
18695058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
18705058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
18715058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
18725058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
18735058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
18745058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
18755058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
18765058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
18775058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
18785058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
18795058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
18805058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
18815058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
18825058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
18835058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
18845058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18855058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18865058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
18875058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
18885058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
18895058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
18905058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
18915058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
18925058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
18935058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
18945058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
18955058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
18965058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
18975058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
18985058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
18995058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
19005058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
19015058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
19025058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
19035058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
19045058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
19055058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
19065058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
19075058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
19085058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
19095058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
19105058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
19115058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
19125058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
19135058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
19145058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
19155058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
19165058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
19175058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
19185058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
19195058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
19205058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
19215058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
19225058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
19235058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
19245058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
19255058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
19265058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
19275058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
19285058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
19295058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
19305058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
19315058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
19325058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
19335058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
19345058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
19355058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
19365058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
19375058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
19385058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-datetime-l1-1-1'
19395058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
19405058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
19415058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
19425058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
19435058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
19445058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
19455058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
19465058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
19475058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
19485058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
19495058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
19505058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
19515058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
19525058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
19535058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
19545058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
19555058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
19565058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
19575058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
19585058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
19595058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
19605058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
19615058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
19625058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
19635058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
19645058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
19655058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
19665058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
19675058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
19685058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
19695058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
19705058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
19715058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
19725058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
19735058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
19745058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
19755058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
19765058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
19775058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
19785058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
19795058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
19805058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
19815058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
19825058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
19835058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
19845058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
19855058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
19865058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
19875058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
19885058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
19895058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
19905058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
19915058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
19925058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
19935058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
19945058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
19955058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
19965058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
19975058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
19985058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
19995058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
20005058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
20015058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20025058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20035058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
20045058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
20055058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
20065058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
20075058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
20085058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
20095058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
20105058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
20115058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
20125058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
20135058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
20145058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
20155058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
20165058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
20175058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-localization-obsolete-l1-2-0'
20185058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
20195058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
20205058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
20215058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
20225058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
20235058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
20245058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
20255058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
20265058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
20275058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
20285058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
20295058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
20305058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
20315058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
20325058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
20335058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
20345058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
20355058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
20365058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
20375058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
20385058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
20395058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
20405058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
20415058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
20425058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20435058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20445058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
20455058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
20465058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
20475058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
20485058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
20495058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
20505058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
20515058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
20525058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
20535058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
20545058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
20555058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
20565058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
20575058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
20585058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
20595058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
20605058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
20615058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
20625058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
20635058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
20645058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
20655058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
20665058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
20675058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
20685058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
20695058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
20705058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
20715058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
20725058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
20735058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
20745058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
20755058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
20765058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
20775058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
20785058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
20795058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
20805058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20815058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20825058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
20835058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
20845058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
20855058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
20865058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
20875058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
20885058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
20895058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
20905058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
20915058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
20925058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
20935058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
20945058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
20955058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
20965058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
20975058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
20985058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
20995058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
21005058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
21015058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
21025058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
21035058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
21045058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21055058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21065058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
21075058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
21085058.4d1c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
21095058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
21105058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7d030000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
21115058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
21125058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7d030000 'C:\WINDOWS\system32\IMM32.DLL'
21135058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
21145058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
21155058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
21165058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
21175058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
21185058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
21195058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
21205058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
21215058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
21225058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
21235058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
21245058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
21255058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
21265058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
21275058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
21285058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
21295058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
21305058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
21315058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
21325058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
21335058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
21345058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
21355058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
21365058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
21375058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
21385058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
21395058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
21405058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
21415058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
21425058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
21435058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
21445058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
21455058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
21465058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
21475058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
21485058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
21495058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
21505058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
21515058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
21525058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
21535058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
21545058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
21555058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
21565058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
21575058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
21585058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
21595058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
21605058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
21615058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
21625058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
21635058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
21645058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
21655058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
21665058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
21675058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
21685058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
21695058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
21705058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
21715058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
21725058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
21735058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
21745058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
21755058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
21765058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
21775058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
21785058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
21795058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
21805058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
21815058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
21825058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
21835058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
21845058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
21855058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
21865058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
21875058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
21885058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
21895058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
21905058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
21915058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
21925058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
21935058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
21945058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21955058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7d180000 'C:\WINDOWS\System32\ADVAPI32.DLL'
21965058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
21975058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
21985058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
21995058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
22005058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
22015058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
22025058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
22035058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
22045058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
22055058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
22065058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
22075058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
22085058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
22095058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
22105058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
22115058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
22125058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
22135058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
22145058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
22155058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
22165058.4d1c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
22175058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
22185058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
22195058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
22205058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
22215058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
22225058.4d1c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
22235058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
22245058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
22255058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
22265058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
22275058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
22285058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
22295058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
22305058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
22315058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
22325058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
22335058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
22345058.4d1c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
22355058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
22365058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd443a0000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
22375058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22385058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22395058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
22405058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22415058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22425058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'
22435058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22445058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22455058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'
22465058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22475058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22485058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'
22495058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22505058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22515058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'
22525058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22535058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22545058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'
22555058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22565058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22575058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'
22585058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22595058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22605058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'
22615058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22625058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22635058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'
22645058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22655058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22665058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'
22675058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000480 pwszName=\Device\HarddiskVolume4\Windows\System32\glu32.dll
22685058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
22695058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
22705058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
22715058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22725058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22735058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\glu32.dll'
22745058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22755058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll'
22765058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22775058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22785058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll'
22795058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22805058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22815058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll'
22825058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22835058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
22845058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22855058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22865058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll'
22875058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22885058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22895058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
22905058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22915058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22925058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
22935058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22945058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22955058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'
22965058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
22975058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
22985058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\combase.dll'
22995058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
23005058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23015058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
23025058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
23035058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'
23045058.4d1c: SUPR3HardenedMain: Calling TrustedMain (00007ffd443a16c0)...
23055058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
23065058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
23075058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
23085058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
23095058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
23105058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
23115058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
23125058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
23135058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
23145058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
23155058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
23165058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
23175058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
23185058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
23195058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23205058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23215058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
23225058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
23235058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
23245058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
23255058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
23265058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
23275058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23285058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23295058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
23305058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
23315058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
23325058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
23335058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23345058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23355058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
23365058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
23375058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
23385058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
23395058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
23405058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
23415058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll
23425058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23435058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23445058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23455058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23465058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
23475058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23485058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
23495058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23505058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
23515058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd1f440000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
23525058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
23535058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd1f440000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
23545058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000005d0 pwszName=\Device\HarddiskVolume4\Windows\System32\uxtheme.dll
23555058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
23565058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
23575058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=286AD1CEC16EFDCA5718925D19E68A486A5851A0
23585058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
23595058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
23605058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\uxtheme.dll'
23615058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23625058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23635058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
23645058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
23655058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) WinVerifyTrust
23665058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
23675058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23685058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23695058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23705058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
23715058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23725058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23735058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
23745058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
23755058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd784c0000 LB 0x00099000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
23765058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
23775058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd784c0000 'C:\WINDOWS\system32\uxtheme.dll'
23785058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7cda0000 'C:\WINDOWS\system32\user32.dll'
23795058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
23805058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23815058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7b5c0000 'C:\WINDOWS\system32\shell32.dll'
23825058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
23835058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23845058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7bcb0000 'C:\WINDOWS\system32\SHCore.dll'
23855058.4d1c: \Device\HarddiskVolume4\Windows\System32\wintab32.dll: Owner is administrators group.
23865058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
23875058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
23885058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'wtsapi32.dll'.
23895058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mpr.dll'.
23905058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
23915058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
23925058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'shell32.dll'.
23935058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
23945058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
23955058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintab32.dll) WinVerifyTrust
23965058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintab32.dll
23975058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23985058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23995058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
24005058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24015058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24025058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
24035058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
24045058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
24055058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
24065058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24075058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24085058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
24095058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
24105058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
24115058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
24125058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
24135058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
24145058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll
24155058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wtsapi32.dll'...
24165058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wtsapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\wtsapi32.dll' [rcNtRedir=0xc0150008]
24175058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
24185058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
24195058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24205058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wtsapi32.dll) WinVerifyTrust
24215058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wtsapi32.dll
24225058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24235058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24245058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24255058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintab32.dll
24265058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wtsapi32.dll
24275058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd77e30000 LB 0x00013000 C:\WINDOWS\SYSTEM32\WTSAPI32.dll [fFlags=0x0]
24285058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wtsapi32.dll
24295058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd06f20000 LB 0x0025e000 C:\WINDOWS\system32\wintab32.dll [fFlags=0x0]
24305058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintab32.dll
24315058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
24325058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24335058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-synch-l1-2-0'
24345058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
24355058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24365058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-fibers-l1-1-1'
24375058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
24385058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24395058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-synch-l1-2-0'
24405058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
24415058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24425058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-fibers-l1-1-1'
24435058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
24445058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24455058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-localization-l1-2-1'
24465058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
24475058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24485058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7be00000 'C:\WINDOWS\System32\kernel32.dll'
24495058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
24505058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24515058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-string-l1-1-0'
24525058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
24535058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24545058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-datetime-l1-1-1'
24555058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
24565058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
24575058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-localization-obsolete-l1-2-0'
24585058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd06f20000 'C:\WINDOWS\system32\wintab32.dll'
24595058.4d1c: Error (rc=0):
24605058.4d1c: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Wacom_Tablet.dll
24615058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
24625058.4d1c: Error (rc=0):
24635058.4d1c: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Pen_Tablet.dll
24645058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
24655058.4d1c: Error (rc=0):
24665058.4d1c: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\ISD_Tablet.dll
24675058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
24685058.4d1c: Error (rc=0):
24695058.4d1c: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Wacom_Tablet.dll
24705058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
24715058.4d1c: Error (rc=0):
24725058.4d1c: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\Pen_Tablet.dll
24735058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
24745058.4d1c: Error (rc=0):
24755058.4d1c: supR3HardenedMonitor_LdrLoadDll: relative name not permitted: .\ISD_Tablet.dll
24765058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000033
24775058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7cda0000 'C:\WINDOWS\system32\user32.dll'
24785058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
24795058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24805058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\system32\winmm.dll'
24815058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
24825058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24835058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\system32\winmm.dll'
24845058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
24855058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24865058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7b5c0000 'C:\WINDOWS\system32\shell32.dll'
24875058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
24885058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24895058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd784c0000 'C:\WINDOWS\system32\uxtheme.dll'
24905058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
24915058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24925058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7d180000 'C:\WINDOWS\system32\advapi32.dll'
24935058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
24945058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
24955058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
24965058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'profapi.dll'.
24975058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll) WinVerifyTrust
24985058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
24995058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
25005058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
25015058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
25025058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25035058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25045058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25055058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
25065058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7a190000 LB 0x00025000 C:\WINDOWS\system32\userenv.dll [fFlags=0x0]
25075058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
25085058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a190000 'C:\WINDOWS\system32\userenv.dll'
25095058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
25105058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25115058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7be00000 'C:\WINDOWS\System32\kernel32.dll'
25125058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7d2b0000 LB 0x000a2000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
25135058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25145058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
25155058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll)
25165058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll
25175058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25185058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25195058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25205058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25215058.5388: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
25225058.5388: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
25235058.5388: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\clbcatq.dll'
25245058.5388: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
25255058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25265058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
25275058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
25285058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
25295058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
25305058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
25315058.5388: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
25325058.5388: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
25335058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25345058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25355058.5388: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
25365058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
25375058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
25385058.5388: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
25395058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25405058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
25415058.5388: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
25425058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25435058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25445058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
25455058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
25465058.5388: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
25475058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25485058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25495058.5388: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25505058.5388: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
25515058.5388: supR3HardenedDllNotificationCallback: load 00007ffcfd5b0000 LB 0x003b0000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
25525058.5388: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
25535058.5388: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcfd5b0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
25545058.5388: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
25555058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25565058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25575058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
25585058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
25595058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
25605058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
25615058.5388: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
25625058.5388: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
25635058.5388: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
25645058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25655058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25665058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25675058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25685058.5388: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
25695058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
25705058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
25715058.5388: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
25725058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
25735058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
25745058.5388: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
25755058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25765058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
25775058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25785058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25795058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25805058.5388: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25815058.5388: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25825058.5388: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
25835058.5388: supR3HardenedDllNotificationCallback: load 00007ffd0bff0000 LB 0x000ed000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
25845058.5388: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
25855058.5388: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0bff0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
25865058.5388: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
25875058.5388: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25885058.5388: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7c6e0000 'C:\Windows\System32\oleaut32.dll'
25895058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7c6a0000 'C:\WINDOWS\system32\gdi32.dll'
25905058.4420: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
25915058.4420: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
25925058.4420: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
25935058.4420: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25945058.4420: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25955058.4420: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
25965058.4420: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25975058.4420: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25985058.4420: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25995058.4420: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
26005058.4420: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
26015058.4420: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26025058.4420: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
26035058.4420: supR3HardenedDllNotificationCallback: load 00007ffd781a0000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [fFlags=0x0]
26045058.4420: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
26055058.4420: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd781a0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
26065058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
26075058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26085058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7b5c0000 'C:\WINDOWS\system32\shell32.dll'
26095058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd7c0f0000 LB 0x00135000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
26105058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26115058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
26125058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'.
26135058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
26145058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'.
26155058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'.
26165058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
26175058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
26185058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
26195058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
26205058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
26215058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
26225058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll
26235058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
26245058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
26255058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26265058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
26275058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
26285058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
26295058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
26305058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26315058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26325058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
26335058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
26345058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll'
26355058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000960 pwszName=\Device\HarddiskVolume4\Windows\System32\DataExchange.dll
26365058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
26375058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
26385058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3632E0380EF7C400BBC7C4B0B9ED8D9F9860503B
26395058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
26405058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
26415058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\DataExchange.dll'
26425058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26435058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26445058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
26455058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'combase.dll'.
26465058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'd3d11.dll'.
26475058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dcomp.dll'.
26485058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll) WinVerifyTrust
26495058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
26505058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
26515058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
26525058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
26535058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
26545058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
26555058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
26565058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll) WinVerifyTrust
26575058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll
26585058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
26595058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
26605058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
26615058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
26625058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
26635058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
26645058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
26655058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll
26665058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
26675058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
26685058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26695058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'dxgi.dll'.
26705058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'.
26715058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll) WinVerifyTrust
26725058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll
26735058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
26745058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
26755058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
26765058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
26775058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
26785058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
26795058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26805058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26815058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
26825058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
26835058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
26845058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll
26855058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
26865058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
26875058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
26885058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
26895058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26905058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
26915058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26925058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
26935058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll) WinVerifyTrust
26945058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll
26955058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26965058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26975058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
26985058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
26995058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27005058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27015058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
27025058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
27035058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
27045058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
27055058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll
27065058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd79040000 LB 0x000eb000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
27075058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll
27085058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd76c40000 LB 0x0025b000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
27095058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
27105058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd76ea0000 LB 0x001db000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
27115058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
27125058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd32090000 LB 0x0003a000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
27135058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
27145058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7c6a0000 'C:\WINDOWS\System32\gdi32.dll'
27155058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd32090000 'C:\WINDOWS\system32\dataexchange.dll'
27165058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'.
27175058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
27185058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
27195058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'msvcp_win.dll'.
27205058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll)
27215058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll
27225058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27235058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
27245058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rmclient.dll)
27255058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rmclient.dll
27265058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd78b90000 LB 0x00029000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0]
27275058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
27285058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd78680000 LB 0x0025a000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
27295058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
27305058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27315058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27325058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27335058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27345058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
27355058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
27365058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
27375058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
27385058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
27395058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
27405058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27415058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27425058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
27435058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume4\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
27445058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
27455058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
27465058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
27475058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rmclient.dll'
27485058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
27495058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
27505058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll'
27515058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
27525058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27535058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7bcb0000 'C:\WINDOWS\system32\Shcore.dll'
27545058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27555058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
27565058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'.
27575058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'.
27585058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll)
27595058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
27605058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27615058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
27625058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'.
27635058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll)
27645058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
27655058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27665058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll)
27675058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
27685058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntmarta.dll)
27695058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntmarta.dll
27705058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
27715058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
27725058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
27735058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll)
27745058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll
27755058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd79420000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
27765058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
27775058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd77430000 LB 0x000d4000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
27785058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
27795058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd757f0000 LB 0x00153000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
27805058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
27815058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd743b0000 LB 0x0032a000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
27825058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
27835058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd4fa20000 LB 0x0009e000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0]
27845058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
27855058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
27865058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
27875058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
27885058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27895058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27905058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
27915058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
27925058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
27935058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27945058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27955058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
27965058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
27975058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
27985058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
27995058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
28005058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
28015058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28025058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28035058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
28045058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
28055058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
28065058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
28075058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
28085058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
28095058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
28105058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
28115058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28125058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28135058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
28145058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
28155058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\WinTypes.dll'
28165058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
28175058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
28185058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ntmarta.dll'
28195058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
28205058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
28215058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll'
28225058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
28235058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
28245058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll'
28255058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
28265058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
28275058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll'
28285058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
28295058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28305058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7cda0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
28315058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
28325058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28335058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7cda0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
28345058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
28355058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28365058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7c810000 'api-ms-win-core-com-l1-1-0.dll'
28375058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28385058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\iertutil.dll)
28395058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\iertutil.dll
28405058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd63ee0000 LB 0x002a6000 C:\WINDOWS\System32\iertutil.dll [fFlags=0x0]
28415058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\iertutil.dll [avoiding WinVerifyTrust]
28425058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28435058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28445058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
28455058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
28465058.4d1c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\iertutil.dll'
28475058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7bec0000 'C:\WINDOWS\system32\ole32.dll'
28485058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a88 pwszName=\Device\HarddiskVolume4\Windows\System32\Speech\SpeechUX\SPTIP.DLL
28495058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
28505058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
28515058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=79F1FE5128322BADA966B8BA69C66029D83A1E0F
28525058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
28535058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
28545058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\Speech\SpeechUX\SPTIP.DLL'
28555058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28565058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28575058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
28585058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
28595058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
28605058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
28615058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
28625058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'shlwapi.dll'.
28635058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\Speech\SpeechUX\SPTIP.DLL) WinVerifyTrust
28645058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Speech\SpeechUX\SPTIP.DLL
28655058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
28665058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
28675058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
28685058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
28695058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
28705058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
28715058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
28725058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
28735058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
28745058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28755058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
28765058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28775058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
28785058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28795058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28805058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\Speech\SpeechUX\SpTip.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
28815058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\Speech\SpeechUX\SPTIP.DLL
28825058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd74be0000 LB 0x0002a000 C:\Windows\System32\Speech\SpeechUX\SpTip.dll [fFlags=0x0]
28835058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\Speech\SpeechUX\SPTIP.DLL
28845058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74be0000 'C:\Windows\System32\Speech\SpeechUX\SpTip.dll'
28855058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
28865058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
28875058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7c0f0000 'C:\WINDOWS\System32\MSCTF.dll'
28885058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ac4 pwszName=\Device\HarddiskVolume4\Windows\System32\oleacc.dll
28895058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
28905058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
28915058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4DE24409C9F6743A292F9B0C8FB1A7F688A78696
28925058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
28935058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
28945058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04113~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\oleacc.dll'
28955058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28965058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
28975058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'user32.dll'.
28985058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleacc.dll) WinVerifyTrust
28995058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleacc.dll
29005058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29015058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29025058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
29035058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
29045058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
29055058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
29065058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd539f0000 LB 0x00065000 C:\WINDOWS\system32\Oleacc.dll [fFlags=0x0]
29075058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
29085058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd539f0000 'C:\WINDOWS\system32\Oleacc.dll'
29095058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7c6e0000 'C:\WINDOWS\System32\OLEAUT32.DLL'
29105058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
29115058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29125058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd539f0000 'C:\WINDOWS\system32\oleacc.dll'
29135058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleacc.dll
29145058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
29155058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd539f0000 'C:\Windows\System32\oleacc.dll'
29165058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7bec0000 'C:\WINDOWS\System32\ole32.dll'
29175058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7c6e0000 'C:\WINDOWS\System32\OLEAUT32.dll'
29185058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000aac pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
29195058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
29205058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
29215058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DB1AA7E2E4704C908EC9382E1F9E64808B9E5E1D
29225058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
29235058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
29245058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll'
29255058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29265058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29275058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
29285058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
29295058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
29305058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
29315058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
29325058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
29335058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af4 pwszName=\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
29345058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
29355058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
29365058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=22EAF38FA276D7A374D3945ACD556FA0953D3440
29375058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
29385058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
29395058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll'
29405058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29415058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29425058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'bcrypt.dll'.
29435058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'.
29445058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll) WinVerifyTrust
29455058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
29465058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
29475058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
29485058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
29495058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29505058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29515058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
29525058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
29535058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
29545058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
29555058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
29565058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
29575058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29585058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29595058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
29605058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
29615058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
29625058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd67b50000 LB 0x00084000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [fFlags=0x0]
29635058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
29645058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd67be0000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
29655058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
29665058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
29675058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
29685058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
29695058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd67be0000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
29705058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b30 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
29715058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
29725058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
29735058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=00C864D7F76A7AD25E7D0DA164B0B66188F5B7FF
29745058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
29755058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
29765058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll'
29775058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29785058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29795058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
29805058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
29815058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
29825058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
29835058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
29845058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29855058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29865058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
29875058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
29885058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd66cb0000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
29895058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
29905058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd66cb0000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
29915058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
29925058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
29935058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-localization-l1-2-0.dll'
29945058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
29955058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
29965058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
29975058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b4c pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
29985058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
29995058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
30005058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0708A64F48237CD4D5092546CE9C373F20B30CA1
30015058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
30025058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
30035058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll'
30045058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30055058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30065058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
30075058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
30085058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
30095058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
30105058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
30115058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
30125058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30135058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30145058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
30155058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
30165058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd66e60000 LB 0x00101000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
30175058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
30185058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd66e60000 'C:\WINDOWS\system32\wbem\fastprox.dll'
30195058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b0c pwszName=\Device\HarddiskVolume4\Windows\System32\amsi.dll
30205058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
30215058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
30225058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B5D4D58A583ACAD5AA76D7DD0F2DB8ADE903942B
30235058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
30245058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
30255058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\amsi.dll'
30265058.4d1c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
30275058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30285058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
30295058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'userenv.dll'.
30305058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\amsi.dll) WinVerifyTrust
30315058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\amsi.dll
30325058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
30335058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume4\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
30345058.4d1c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
30355058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30365058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30375058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30385058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30395058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30405058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\amsi.dll
30415058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd668c0000 LB 0x00015000 C:\WINDOWS\System32\amsi.dll [fFlags=0x0]
30425058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\amsi.dll
30435058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd668c0000 'C:\WINDOWS\System32\amsi.dll'
30445058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
30455058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
30465058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
30475058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
30485058.4d1c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
30495058.4d1c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll) WinVerifyTrust
30505058.4d1c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll
30515058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
30525058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
30535058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
30545058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
30555058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
30565058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
30575058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30585058.4d1c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30595058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\ESET\ESET Security\eamsi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30605058.4d1c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll
30615058.4d1c: supR3HardenedDllNotificationCallback: load 00007ffd66830000 LB 0x00038000 C:\Program Files\ESET\ESET Security\eamsi.dll [fFlags=0x0]
30625058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\ESET\ESET Security\eamsi.dll
30635058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
30645058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30655058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-synch-l1-2-0'
30665058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
30675058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30685058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-fibers-l1-1-1'
30695058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
30705058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30715058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-synch-l1-2-0'
30725058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
30735058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30745058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-fibers-l1-1-1'
30755058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
30765058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30775058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-localization-l1-2-1'
30785058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
30795058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30805058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7be00000 'C:\WINDOWS\System32\kernel32.dll'
30815058.4d1c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
30825058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30835058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7be00000 'C:\WINDOWS\System32\kernel32.dll'
30845058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
30855058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30865058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-string-l1-1-0'
30875058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
30885058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30895058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-datetime-l1-1-1'
30905058.4d1c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
30915058.4d1c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30925058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a5e0000 'api-ms-win-core-localization-obsolete-l1-2-0'
30935058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd66830000 'C:\Program Files\ESET\ESET Security\eamsi.dll'
30945058.4d1c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7d180000 'C:\WINDOWS\System32\ADVAPI32.dll'
30955058.ae0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
30965058.ae0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30975058.ae0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30985058.ae0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
30995058.ae0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
31005058.ae0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31015058.ae0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31025058.ae0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31035058.ae0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31045058.ae0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31055058.ae0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
31065058.ae0: supR3HardenedDllNotificationCallback: load 00007ffd22870000 LB 0x0037d000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
31075058.ae0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
31085058.ae0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd22870000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
31095058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
31105058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ca4 pwszName=\Device\HarddiskVolume4\Windows\System32\NetSetupShim.dll
31115058.3600: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
31125058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
31135058.3600: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7F5B666FF2CFCD1394E450AF7141F0F82A5730F3
31145058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
31155058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
31165058.3600: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04113~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\NetSetupShim.dll'
31175058.3600: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31185058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
31195058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
31205058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'oleaut32.dll'.
31215058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'ws2_32.dll'.
31225058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'netsetupapi.dll'.
31235058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'setupapi.dll'.
31245058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'devrtl.dll'.
31255058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\NetSetupShim.dll) WinVerifyTrust
31265058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\NetSetupShim.dll
31275058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devrtl.dll'...
31285058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'devrtl.dll' -> '\Device\HarddiskVolume4\Windows\System32\devrtl.dll' [rcNtRedir=0xc0150008]
31295058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b44 pwszName=\Device\HarddiskVolume4\Windows\System32\devrtl.dll
31305058.3600: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
31315058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
31325058.3600: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D2E5A6C3AFA14B1D9C532760FD646C3AC357C7AB
31335058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
31345058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
31355058.3600: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\devrtl.dll'
31365058.3600: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31375058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devrtl.dll) WinVerifyTrust
31385058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devrtl.dll
31395058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
31405058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
31415058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
31425058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
31435058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31445058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
31455058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'cfgmgr32.dll'.
31465058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'bcrypt.dll'.
31475058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\setupapi.dll) WinVerifyTrust
31485058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\setupapi.dll
31495058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netsetupapi.dll'...
31505058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'netsetupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\netsetupapi.dll' [rcNtRedir=0xc0150008]
31515058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
31525058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
31535058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
31545058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
31555058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
31565058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
31575058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
31585058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
31595058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31605058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31615058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
31625058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
31635058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31645058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
31655058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\NetSetupApi.dll) WinVerifyTrust
31665058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\NetSetupApi.dll
31675058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
31685058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
31695058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
31705058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
31715058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
31725058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
31735058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
31745058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
31755058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
31765058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
31775058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
31785058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
31795058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
31805058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
31815058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupShim.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
31825058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\NetSetupShim.dll
31835058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\NetSetupApi.dll
31845058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devrtl.dll
31855058.3600: supR3HardenedDllNotificationCallback: load 00007ffd66cd0000 LB 0x00025000 C:\Windows\System32\NetSetupApi.dll [fFlags=0x0]
31865058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\NetSetupApi.dll
31875058.3600: supR3HardenedDllNotificationCallback: load 00007ffd7c230000 LB 0x00470000 C:\WINDOWS\System32\setupapi.dll [fFlags=0x0]
31885058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
31895058.3600: supR3HardenedDllNotificationCallback: load 00007ffd6a390000 LB 0x00013000 C:\Windows\System32\DEVRTL.dll [fFlags=0x0]
31905058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devrtl.dll
31915058.3600: supR3HardenedDllNotificationCallback: load 00007ffd4bca0000 LB 0x00081000 C:\Windows\System32\NetSetupShim.dll [fFlags=0x0]
31925058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\NetSetupShim.dll
31935058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd4bca0000 'C:\Windows\System32\NetSetupShim.dll'
31945058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
31955058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
31965058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
31975058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
31985058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'nsi.dll'.
31995058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'winnsi.dll'.
32005058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\NetSetupEngine.dll) WinVerifyTrust
32015058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\NetSetupEngine.dll
32025058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
32035058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
32045058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
32055058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
32065058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
32075058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
32085058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winnsi.dll) WinVerifyTrust
32095058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winnsi.dll
32105058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
32115058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
32125058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
32135058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
32145058.3600: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\nsi.dll'.
32155058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\nsi.dll)
32165058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\nsi.dll
32175058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
32185058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
32195058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
32205058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
32215058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\nsi.dll) WinVerifyTrust
32225058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
32235058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
32245058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32255058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32265058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
32275058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupEngine.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32285058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\NetSetupEngine.dll
32295058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winnsi.dll
32305058.3600: supR3HardenedDllNotificationCallback: load 00007ffd7cd10000 LB 0x00008000 C:\WINDOWS\System32\NSI.dll [fFlags=0x0]
32315058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
32325058.3600: supR3HardenedDllNotificationCallback: load 00007ffd75950000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\WINNSI.DLL [fFlags=0x0]
32335058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winnsi.dll
32345058.3600: supR3HardenedDllNotificationCallback: load 00007ffd442d0000 LB 0x000ce000 C:\Windows\System32\NetSetupEngine.dll [fFlags=0x0]
32355058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\NetSetupEngine.dll
32365058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd442d0000 'C:\Windows\System32\NetSetupEngine.dll'
32375058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
32385058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
32395058.3600: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\nsi.dll'
32405058.32a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
32415058.32a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32425058.32a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
32435058.32a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
32445058.32a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
32455058.32a4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
32465058.32a4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
32475058.32a4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
32485058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
32495058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
32505058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32515058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32525058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
32535058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
32545058.32a4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
32555058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
32565058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
32575058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32585058.32a4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32595058.32a4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32605058.32a4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
32615058.32a4: supR3HardenedDllNotificationCallback: load 00007ffd78160000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
32625058.32a4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
32635058.32a4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78160000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
32645058.4b64: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
32655058.4b64: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32665058.4b64: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
32675058.4b64: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
32685058.4b64: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
32695058.4b64: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
32705058.4b64: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32715058.4b64: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32725058.4b64: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
32735058.4b64: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
32745058.4b64: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32755058.4b64: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32765058.4b64: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
32775058.4b64: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32785058.4b64: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
32795058.4b64: supR3HardenedDllNotificationCallback: load 00007ffd78150000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
32805058.4b64: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
32815058.4b64: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78150000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
32825058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7b5c0000 'C:\WINDOWS\system32\Shell32.dll'
32835058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
32845058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32855058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd22870000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
32865058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
32875058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32885058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
32895058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
32905058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
32915058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
32925058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
32935058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
32945058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
32955058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
32965058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
32975058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
32985058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
32995058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33005058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
33015058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
33025058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
33035058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
33045058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33055058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
33065058.3600: supR3HardenedDllNotificationCallback: load 00007ffd4b660000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
33075058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
33085058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd4b660000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
33095058.3600: supR3HardenedDllNotificationCallback: Unload 00007ffd4b660000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
33105058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
33115058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
33125058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
33135058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
33145058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
33155058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
33165058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
33175058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
33185058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
33195058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
33205058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
33215058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
33225058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
33235058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
33245058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
33255058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
33265058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
33275058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
33285058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
33295058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
33305058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
33315058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
33325058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
33335058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
33345058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
33355058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
33365058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
33375058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
33385058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33395058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33405058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
33415058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
33425058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
33435058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
33445058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
33455058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
33465058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
33475058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
33485058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
33495058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
33505058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
33515058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
33525058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
33535058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
33545058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
33555058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
33565058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
33575058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
33585058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
33595058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
33605058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
33615058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
33625058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
33635058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
33645058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
33655058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
33665058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
33675058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
33685058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
33695058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
33705058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
33715058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
33725058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
33735058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33745058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33755058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
33765058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
33775058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
33785058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
33795058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33805058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
33815058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
33825058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
33835058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
33845058.3600: supR3HardenedDllNotificationCallback: load 00007ffd35b70000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
33855058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
33865058.3600: supR3HardenedDllNotificationCallback: load 00007ffcfc360000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
33875058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
33885058.3600: supR3HardenedDllNotificationCallback: load 00007ffd797f0000 LB 0x0003a000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
33895058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
33905058.3600: supR3HardenedDllNotificationCallback: load 00007ffcfcbc0000 LB 0x009e1000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
33915058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
33925058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcfcbc0000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
33935058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
33945058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
33955058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33965058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
33975058.3600: supR3HardenedDllNotificationCallback: load 00007ffd4b660000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
33985058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
33995058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd4b660000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
34005058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34015058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
34025058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34035058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcfd5b0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
34045058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34055058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
34065058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34075058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcfc360000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
34085058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34095058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34105058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
34115058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
34125058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
34135058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
34145058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
34155058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
34165058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
34175058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
34185058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34195058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
34205058.3600: supR3HardenedDllNotificationCallback: load 00007ffd75760000 LB 0x00017000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
34215058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
34225058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd75760000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
34235058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34245058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34255058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
34265058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
34275058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
34285058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
34295058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
34305058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
34315058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
34325058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
34335058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34345058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
34355058.3600: supR3HardenedDllNotificationCallback: load 00007ffd43980000 LB 0x00012000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
34365058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
34375058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd43980000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
34385058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34395058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34405058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
34415058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
34425058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
34435058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
34445058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
34455058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
34465058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
34475058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
34485058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34495058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
34505058.3600: supR3HardenedDllNotificationCallback: load 00007ffd43960000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
34515058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
34525058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd43960000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
34535058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34545058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34555058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
34565058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
34575058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
34585058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
34595058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
34605058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
34615058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
34625058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
34635058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34645058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
34655058.3600: supR3HardenedDllNotificationCallback: load 00007ffd43270000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
34665058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
34675058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd43270000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
34685058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34695058.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34705058.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
34715058.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
34725058.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
34735058.2154: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
34745058.2154: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
34755058.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
34765058.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
34775058.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
34785058.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
34795058.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
34805058.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
34815058.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
34825058.2154: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34835058.2154: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
34845058.2154: supR3HardenedDllNotificationCallback: load 00007ffd43250000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
34855058.2154: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
34865058.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd43250000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
34875058.4768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
34885058.4768: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34895058.4768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
34905058.4768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
34915058.4768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
34925058.4768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
34935058.4768: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
34945058.4768: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
34955058.4768: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
34965058.4768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
34975058.4768: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
34985058.4768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
34995058.4768: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
35005058.4768: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
35015058.4768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
35025058.4768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
35035058.4768: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
35045058.4768: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
35055058.4768: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35065058.4768: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
35075058.4768: supR3HardenedDllNotificationCallback: load 00007ffd75750000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
35085058.4768: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
35095058.4768: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd75750000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
35105058.2650: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
35115058.2650: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
35125058.2650: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
35135058.2650: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
35145058.2650: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
35155058.2650: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
35165058.2650: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
35175058.2650: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
35185058.2650: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
35195058.2650: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
35205058.2650: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
35215058.2650: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
35225058.2650: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35235058.2650: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
35245058.2650: supR3HardenedDllNotificationCallback: load 00007ffd74c40000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
35255058.2650: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
35265058.2650: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74c40000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
35275058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
35285058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
35295058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
35305058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
35315058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
35325058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
35335058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
35345058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
35355058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
35365058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
35375058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35385058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
35395058.3600: supR3HardenedDllNotificationCallback: load 00007ffd47d50000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
35405058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
35415058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd47d50000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
35425058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
35435058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
35445058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
35455058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
35465058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'.
35475058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll) WinVerifyTrust
35485058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
35495058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
35505058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
35515058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
35525058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
35535058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
35545058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll) WinVerifyTrust
35555058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll
35565058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
35575058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
35585058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
35595058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
35605058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
35615058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
35625058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
35635058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
35645058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
35655058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
35665058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
35675058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll
35685058.3600: supR3HardenedDllNotificationCallback: load 00007ffd7a070000 LB 0x0002a000 C:\WINDOWS\System32\DEVOBJ.dll [fFlags=0x0]
35695058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll
35705058.3600: supR3HardenedDllNotificationCallback: load 00007ffd726a0000 LB 0x00072000 C:\WINDOWS\System32\MMDevApi.dll [fFlags=0x0]
35715058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
35725058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd726a0000 'C:\WINDOWS\System32\MMDevApi.dll'
35735058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c54 pwszName=\Device\HarddiskVolume4\Windows\System32\dsound.dll
35745058.3600: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
35755058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
35765058.3600: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8184043CF3F3DF1E3CF96E74DBBF7D0836417373
35775058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
35785058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
35795058.3600: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\dsound.dll'
35805058.3600: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35815058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35825058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'winmm.dll'.
35835058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dsound.dll) WinVerifyTrust
35845058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dsound.dll
35855058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
35865058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
35875058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
35885058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35895058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35905058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
35915058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
35925058.3600: supR3HardenedDllNotificationCallback: load 00007ffd0efe0000 LB 0x00099000 C:\WINDOWS\System32\dsound.dll [fFlags=0x0]
35935058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
35945058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
35955058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35965058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\System32\dsound.dll'
35975058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\System32\dsound.dll'
35985058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
35995058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36005058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
36015058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
36025058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36035058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd726a0000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
36045058.5698: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
36055058.5698: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
36065058.5698: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
36075058.5698: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
36085058.5698: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
36095058.5698: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'.
36105058.5698: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll) WinVerifyTrust
36115058.5698: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
36125058.5698: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
36135058.5698: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
36145058.5698: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
36155058.5698: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
36165058.5698: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
36175058.5698: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
36185058.5698: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
36195058.5698: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
36205058.5698: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
36215058.5698: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36225058.5698: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
36235058.5698: supR3HardenedDllNotificationCallback: load 00007ffd72810000 LB 0x0015d000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
36245058.5698: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
36255058.5698: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd72810000 'C:\WINDOWS\System32\AUDIOSES.DLL'
36265058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
36275058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
36285058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
36295058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ff0 pwszName=\Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36305058.3600: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
36315058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
36325058.3600: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=38EA8D6D625C6A0A9075DAE17FD33652FF8FC23A
36335058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
36345058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
36355058.3600: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\wdmaud.drv'
36365058.3600: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
36375058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
36385058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
36395058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'ksuser.dll'.
36405058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'avrt.dll'.
36415058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv) WinVerifyTrust
36425058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36435058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
36445058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
36455058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
36465058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
36475058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll) WinVerifyTrust
36485058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll
36495058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
36505058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
36515058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
36525058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
36535058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
36545058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll) WinVerifyTrust
36555058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll
36565058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
36575058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
36585058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
36595058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36605058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
36615058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36625058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
36635058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36645058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36655058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll
36665058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
36675058.3600: supR3HardenedDllNotificationCallback: load 00007ffd74ba0000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
36685058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll
36695058.3600: supR3HardenedDllNotificationCallback: load 00007ffd74990000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
36705058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
36715058.3600: supR3HardenedDllNotificationCallback: load 00007ffd58dc0000 LB 0x00044000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
36725058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36735058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd58dc0000 'C:\WINDOWS\System32\wdmaud.drv'
36745058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36755058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36765058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd58dc0000 'C:\WINDOWS\System32\wdmaud.drv'
36775058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36785058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36795058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd58dc0000 'C:\WINDOWS\System32\wdmaud.drv'
36805058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36815058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36825058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd58dc0000 'C:\WINDOWS\System32\wdmaud.drv'
36835058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36845058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36855058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd58dc0000 'C:\WINDOWS\System32\wdmaud.drv'
36865058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36875058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36885058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd58dc0000 'C:\WINDOWS\System32\wdmaud.drv'
36895058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
36905058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36915058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd58dc0000 'C:\WINDOWS\System32\wdmaud.drv'
36925058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd58dc0000 'C:\WINDOWS\System32\wdmaud.drv'
36935058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001064 pwszName=\Device\HarddiskVolume4\Windows\System32\msacm32.drv
36945058.3600: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
36955058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
36965058.3600: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=763C5E89A8DA653902990733D245B99CC7C40BEA
36975058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
36985058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
36995058.3600: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\msacm32.drv'
37005058.3600: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
37015058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37025058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
37035058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
37045058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmmbase.dll'.
37055058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv) WinVerifyTrust
37065058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37075058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
37085058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
37095058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
37105058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
37115058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
37125058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
37135058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
37145058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37155058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll) WinVerifyTrust
37165058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll
37175058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
37185058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
37195058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
37205058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37215058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
37225058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37235058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
37245058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37255058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37265058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
37275058.3600: supR3HardenedDllNotificationCallback: load 00007ffd561c0000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
37285058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
37295058.3600: supR3HardenedDllNotificationCallback: load 00007ffd645d0000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
37305058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37315058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37325058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37335058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37345058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37355058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37365058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37375058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37385058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37395058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37405058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37415058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37425058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37435058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37445058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37455058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37465058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37475058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
37485058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37495058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37505058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37515058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37525058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd645d0000 'C:\WINDOWS\System32\msacm32.drv'
37535058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fec pwszName=\Device\HarddiskVolume4\Windows\System32\midimap.dll
37545058.3600: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000134f170
37555058.3600: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000134f170
37565058.3600: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB34EC166C3F780657AB67E557E6C2E60C398D10
37575058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
37585058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
37595058.3600: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.535.cat'; file='\Device\HarddiskVolume4\Windows\System32\midimap.dll'
37605058.3600: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
37615058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37625058.3600: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'.
37635058.3600: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\midimap.dll) WinVerifyTrust
37645058.3600: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll
37655058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
37665058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
37675058.3600: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
37685058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37695058.3600: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
37705058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37715058.3600: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
37725058.3600: supR3HardenedDllNotificationCallback: load 00007ffd561b0000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
37735058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
37745058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd561b0000 'C:\WINDOWS\System32\midimap.dll'
37755058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
37765058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37775058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd561b0000 'C:\WINDOWS\System32\midimap.dll'
37785058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
37795058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37805058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd561b0000 'C:\WINDOWS\System32\midimap.dll'
37815058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
37825058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
37835058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd561b0000 'C:\WINDOWS\System32\midimap.dll'
37845058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37855058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37865058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37875058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37885058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37895058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37905058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37915058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
37925058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
37935058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37945058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37955058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37965058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
37975058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
37985058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
37995058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38005058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38015058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38025058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38035058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38045058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38055058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38065058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
38075058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
38085058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38095058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38105058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38115058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38125058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38135058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38145058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38155058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38165058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
38175058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38185058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38195058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
38205058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38215058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38225058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38235058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38245058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38255058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38265058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38275058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
38285058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38295058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38305058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38315058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38325058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38335058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38345058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38355058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38365058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38375058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38385058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38395058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38405058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38415058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38425058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38435058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38445058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38455058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38465058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38475058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38485058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38495058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38505058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38515058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38525058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38535058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38545058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38555058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38565058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38575058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38585058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38595058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38605058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
38615058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38625058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38635058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38645058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38655058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38665058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38675058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38685058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38695058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38705058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38715058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38725058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38735058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38745058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38755058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38765058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38775058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38785058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38795058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38805058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38815058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38825058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38835058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38845058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38855058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38865058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38875058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38885058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38895058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38905058.3600: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
38915058.3600: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38925058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
38935058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38945058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38955058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38965058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38975058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38985058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
38995058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39005058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39015058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39025058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39035058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39045058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39055058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39065058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39075058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39085058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39095058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39105058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39115058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39125058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39135058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39145058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39155058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39165058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39175058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39185058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39195058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39205058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39215058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39225058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39235058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39245058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39255058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39265058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39275058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39285058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39295058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39305058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39315058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39325058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39335058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39345058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39355058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39365058.ba4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
39375058.ba4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
39385058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39395058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39405058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39415058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39425058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39435058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39445058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39455058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39465058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39475058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39485058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39495058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39505058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39515058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39525058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39535058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39545058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39555058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39565058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39575058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39585058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39595058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39605058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39615058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39625058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39635058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39645058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39655058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39665058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39675058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39685058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39695058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39705058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39715058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39725058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39735058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39745058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39755058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39765058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39775058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39785058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39795058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39805058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39815058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39825058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39835058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39845058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39855058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39865058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39875058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39885058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39895058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39905058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39915058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39925058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39935058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39945058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
39955058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39965058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39975058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39985058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
39995058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40005058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40015058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40025058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40035058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40045058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
40055058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40065058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40075058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40085058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40095058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40105058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40115058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40125058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40135058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40145058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
40155058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40165058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40175058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40185058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40195058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40205058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40215058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40225058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40235058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40245058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
40255058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40265058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40275058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40285058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40295058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40305058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40315058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40325058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40335058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40345058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
40355058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40365058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40375058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40385058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40395058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40405058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40415058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40425058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40435058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40445058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
40455058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40465058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40475058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40485058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40495058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40505058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40515058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40525058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40535058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40545058.ba4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
40555058.ba4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
40565058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
40575058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40585058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40595058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40605058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40615058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40625058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40635058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40645058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40655058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40665058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd0efe0000 'C:\WINDOWS\system32\dsound.dll'
40675058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40685058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40695058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40705058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40715058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40725058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40735058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40745058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40755058.3600: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd78350000 'C:\WINDOWS\System32\winmm.dll'
40765058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
40775058.ba4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll
40785058.ba4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
40795058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a580000 'C:\WINDOWS\System32\WINTRUST.DLL'
40805058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\CRYPT32.dll'
40815058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
40825058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
40835058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
40845058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'combase.dll'.
40855058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shcore.dll'.
40865058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'textinputframework.dll'.
40875058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'inputhost.dll'.
40885058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
40895058.ba4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\Windows.UI.dll) WinVerifyTrust
40905058.ba4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
40915058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
40925058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
40935058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'inputhost.dll'...
40945058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'inputhost.dll' -> '\Device\HarddiskVolume4\Windows\System32\inputhost.dll' [rcNtRedir=0xc0150008]
40955058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
40965058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
40975058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
40985058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'coremessaging.dll'.
40995058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'coreuicomponents.dll'.
41005058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'propsys.dll'.
41015058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'shcore.dll'.
41025058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'win32u.dll'.
41035058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'combase.dll'.
41045058.ba4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\InputHost.dll) WinVerifyTrust
41055058.ba4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\InputHost.dll
41065058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'textinputframework.dll'...
41075058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'textinputframework.dll' -> '\Device\HarddiskVolume4\Windows\System32\textinputframework.dll' [rcNtRedir=0xc0150008]
41085058.ba4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
41095058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
41105058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
41115058.ba4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
41125058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
41135058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
41145058.ba4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
41155058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
41165058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
41175058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
41185058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
41195058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
41205058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
41215058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
41225058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
41235058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
41245058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
41255058.ba4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
41265058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
41275058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume4\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
41285058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd79650000 'C:\WINDOWS\system32\rsaenh.dll'
41295058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a430000 'C:\WINDOWS\System32\crypt32.dll'
41305058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'oleaut32.dll'.
41315058.ba4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'rpcrt4.dll'.
41325058.ba4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll) WinVerifyTrust
41335058.ba4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\propsys.dll
41345058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
41355058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
41365058.ba4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
41375058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
41385058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
41395058.ba4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
41405058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
41415058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
41425058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
41435058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
41445058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
41455058.ba4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
41465058.ba4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
41475058.ba4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\Windows.UI.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
41485058.ba4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
41495058.ba4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\InputHost.dll
41505058.ba4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll
41515058.ba4: supR3HardenedDllNotificationCallback: load 00007ffd776f0000 LB 0x000ef000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
41525058.ba4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll
41535058.ba4: supR3HardenedDllNotificationCallback: load 00007ffd4f900000 LB 0x0011a000 C:\Windows\System32\InputHost.dll [fFlags=0x0]
41545058.ba4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\InputHost.dll
41555058.ba4: supR3HardenedDllNotificationCallback: load 00007ffd4fac0000 LB 0x00151000 C:\Windows\System32\Windows.UI.dll [fFlags=0x0]
41565058.ba4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
41575058.ba4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd4fac0000 'C:\Windows\System32\Windows.UI.dll'
41585058.2e0c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
41595058.2e0c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\avrt.dll (Input=avrt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
41605058.2e0c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74990000 'C:\WINDOWS\System32\avrt.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy