VirtualBox

Ticket #19242: VBoxHardening.log

File VBoxHardening.log, 257.7 KB (added by pk6610, 5 years ago)
Line 
117ec.1734: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000010 g_uNtVerCombined=0x63258000
217ec.1734: \SystemRoot\System32\ntdll.dll:
317ec.1734: CreationTime: 2019-10-09T06:29:35.187656600Z
417ec.1734: LastWriteTime: 2019-08-31T20:51:48.577800200Z
517ec.1734: ChangeTime: 2019-11-13T14:03:40.552592700Z
617ec.1734: FileAttributes: 0x20
717ec.1734: Size: 0x1a83f8
817ec.1734: NT Headers: 0xd8
917ec.1734: Timestamp: 0x5d6aa558
1017ec.1734: Machine: 0x8664 - amd64
1117ec.1734: Timestamp: 0x5d6aa558
1217ec.1734: Image Version: 6.3
1317ec.1734: SizeOfImage: 0x1ad000 (1757184)
1417ec.1734: Resource Dir: 0x149000 LB 0x62558
1517ec.1734: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1617ec.1734: [Raw version resource data: 0x1490f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1717ec.1734: ProductName: Microsoft® Windows® Operating System
1817ec.1734: ProductVersion: 6.3.9600.19478
1917ec.1734: FileVersion: 6.3.9600.19478 (winblue_ltsb.190831-0600)
2017ec.1734: FileDescription: NT Layer DLL
2117ec.1734: \SystemRoot\System32\kernel32.dll:
2217ec.1734: CreationTime: 2019-12-11T13:11:34.349721100Z
2317ec.1734: LastWriteTime: 2019-10-15T09:03:50.983536200Z
2417ec.1734: ChangeTime: 2019-12-11T18:11:17.263292100Z
2517ec.1734: FileAttributes: 0x20
2617ec.1734: Size: 0x140418
2717ec.1734: NT Headers: 0xe8
2817ec.1734: Timestamp: 0x5da540db
2917ec.1734: Machine: 0x8664 - amd64
3017ec.1734: Timestamp: 0x5da540db
3117ec.1734: Image Version: 6.3
3217ec.1734: SizeOfImage: 0x13f000 (1306624)
3317ec.1734: Resource Dir: 0x12f000 LB 0x530
3417ec.1734: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3517ec.1734: [Raw version resource data: 0x12f0b0 LB 0x3b4, codepage 0x0 (reserved 0x0)]
3617ec.1734: ProductName: Microsoft® Windows® Operating System
3717ec.1734: ProductVersion: 6.3.9600.19538
3817ec.1734: FileVersion: 6.3.9600.19538 (winblue_ltsb_escrow.191014-1700)
3917ec.1734: FileDescription: Windows NT BASE API Client DLL
4017ec.1734: \SystemRoot\System32\KernelBase.dll:
4117ec.1734: CreationTime: 2019-10-09T06:29:46.304926300Z
4217ec.1734: LastWriteTime: 2019-07-16T02:30:15.221797500Z
4317ec.1734: ChangeTime: 2019-11-06T17:27:45.672845200Z
4417ec.1734: FileAttributes: 0x20
4517ec.1734: Size: 0x115878
4617ec.1734: NT Headers: 0xf0
4717ec.1734: Timestamp: 0x5d26b6e9
4817ec.1734: Machine: 0x8664 - amd64
4917ec.1734: Timestamp: 0x5d26b6e9
5017ec.1734: Image Version: 6.3
5117ec.1734: SizeOfImage: 0x116000 (1138688)
5217ec.1734: Resource Dir: 0x111000 LB 0x3540
5317ec.1734: [Version info resource found at 0x108! (ID/Name: 0x1; SubID/SubName: 0x409)]
5417ec.1734: [Raw version resource data: 0x111120 LB 0x3cc, codepage 0x0 (reserved 0x0)]
5517ec.1734: ProductName: Microsoft® Windows® Operating System
5617ec.1734: ProductVersion: 6.3.9600.19425
5717ec.1734: FileVersion: 6.3.9600.19425 (winblue_ltsb_escrow.190710-1722)
5817ec.1734: FileDescription: Windows NT BASE API Client DLL
5917ec.1734: \SystemRoot\System32\apisetschema.dll:
6017ec.1734: CreationTime: 2016-12-14T15:04:20.487319600Z
6117ec.1734: LastWriteTime: 2016-10-10T18:18:15.035158100Z
6217ec.1734: ChangeTime: 2016-12-14T23:42:36.927220400Z
6317ec.1734: FileAttributes: 0x20
6417ec.1734: Size: 0x11158
6517ec.1734: NT Headers: 0xd0
6617ec.1734: Timestamp: 0x57fa67ee
6717ec.1734: Machine: 0x8664 - amd64
6817ec.1734: Timestamp: 0x57fa67ee
6917ec.1734: Image Version: 6.3
7017ec.1734: SizeOfImage: 0x12000 (73728)
7117ec.1734: Resource Dir: 0x11000 LB 0x3f8
7217ec.1734: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7317ec.1734: [Raw version resource data: 0x11060 LB 0x398, codepage 0x0 (reserved 0x0)]
7417ec.1734: ProductName: Microsoft® Windows® Operating System
7517ec.1734: ProductVersion: 6.3.9600.18513
7617ec.1734: FileVersion: 6.3.9600.18513 (winblue_ltsb.161009-0600)
7717ec.1734: FileDescription: ApiSet Schema DLL
7817ec.1734: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7917ec.1734: supR3HardenedWinFindAdversaries: 0x40
8017ec.1734: \SystemRoot\System32\drivers\kl1.sys:
8117ec.1734: CreationTime: 2019-03-18T10:13:42.000000000Z
8217ec.1734: LastWriteTime: 2019-03-18T10:13:42.000000000Z
8317ec.1734: ChangeTime: 2019-12-08T16:20:25.867493600Z
8417ec.1734: FileAttributes: 0x20
8517ec.1734: Size: 0x81c80
8617ec.1734: NT Headers: 0xf8
8717ec.1734: Timestamp: 0x5c8a8199
8817ec.1734: Machine: 0x8664 - amd64
8917ec.1734: Timestamp: 0x5c8a8199
9017ec.1734: Image Version: 6.1
9117ec.1734: SizeOfImage: 0x703000 (7352320)
9217ec.1734: Resource Dir: 0x701000 LB 0x430
9317ec.1734: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
9417ec.1734: [Raw version resource data: 0x701060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
9517ec.1734: ProductName: Coretech Delivery
9617ec.1734: ProductVersion: 30.0.3790.0
9717ec.1734: FileVersion: 30.0.3790.0
9817ec.1734: FileDescription: Updatable component loader [fre_win7_x64]
9917ec.1734: \SystemRoot\System32\drivers\klflt.sys:
10017ec.1734: CreationTime: 2019-11-01T07:52:18.000000000Z
10117ec.1734: LastWriteTime: 2019-11-01T07:52:18.000000000Z
10217ec.1734: ChangeTime: 2019-12-08T16:20:25.464991800Z
10317ec.1734: FileAttributes: 0x20
10417ec.1734: Size: 0x3d678
10517ec.1734: NT Headers: 0x100
10617ec.1734: Timestamp: 0xddaa7cbc
10717ec.1734: Machine: 0x8664 - amd64
10817ec.1734: Timestamp: 0xddaa7cbc
10917ec.1734: Image Version: 6.1
11017ec.1734: SizeOfImage: 0x4a000 (303104)
11117ec.1734: Resource Dir: 0x47000 LB 0x418
11217ec.1734: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
11317ec.1734: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
11417ec.1734: ProductName: Coretech Delivery
11517ec.1734: ProductVersion: 30.112.90.0
11617ec.1734: FileVersion: 30.112.90.0
11717ec.1734: FileDescription: Filter Core [fre_win7_amd64]
11817ec.1734: \SystemRoot\System32\drivers\klif.sys:
11917ec.1734: CreationTime: 2019-11-01T07:52:18.000000000Z
12017ec.1734: LastWriteTime: 2019-11-01T07:52:18.000000000Z
12117ec.1734: ChangeTime: 2019-12-08T16:20:25.459984500Z
12217ec.1734: FileAttributes: 0x20
12317ec.1734: Size: 0xf3a80
12417ec.1734: NT Headers: 0xf8
12517ec.1734: Timestamp: 0x5da6282c
12617ec.1734: Machine: 0x8664 - amd64
12717ec.1734: Timestamp: 0x5da6282c
12817ec.1734: Image Version: 6.1
12917ec.1734: SizeOfImage: 0xf4000 (999424)
13017ec.1734: Resource Dir: 0xeb000 LB 0x33f8
13117ec.1734: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
13217ec.1734: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
13317ec.1734: ProductName: Coretech Delivery
13417ec.1734: ProductVersion: 30.112.90.0
13517ec.1734: FileVersion: 30.112.90.0
13617ec.1734: FileDescription: Core System Interceptors [fre_win7_amd64]
13717ec.1734: \SystemRoot\System32\drivers\klim6.sys:
13817ec.1734: CreationTime: 2019-03-19T06:21:06.000000000Z
13917ec.1734: LastWriteTime: 2019-03-19T06:21:06.000000000Z
14017ec.1734: ChangeTime: 2019-12-08T16:20:27.739836100Z
14117ec.1734: FileAttributes: 0x20
14217ec.1734: Size: 0xe350
14317ec.1734: NT Headers: 0xe0
14417ec.1734: Timestamp: 0x54ad405e
14517ec.1734: Machine: 0x8664 - amd64
14617ec.1734: Timestamp: 0x54ad405e
14717ec.1734: Image Version: 6.1
14817ec.1734: SizeOfImage: 0xb000 (45056)
14917ec.1734: Resource Dir: 0x9000 LB 0x430
15017ec.1734: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
15117ec.1734: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
15217ec.1734: ProductName: Coretech Delivery
15317ec.1734: ProductVersion: 30.0.3724.0
15417ec.1734: FileVersion: 30.0.3724.0
15517ec.1734: FileDescription: Packet Network Filter [fre_win7_amd64]
15617ec.1734: \SystemRoot\System32\drivers\klkbdflt.sys:
15717ec.1734: CreationTime: 2019-03-18T01:11:30.000000000Z
15817ec.1734: LastWriteTime: 2019-03-18T01:11:30.000000000Z
15917ec.1734: ChangeTime: 2019-12-08T16:20:28.208421300Z
16017ec.1734: FileAttributes: 0x20
16117ec.1734: Size: 0x13550
16217ec.1734: NT Headers: 0xf8
16317ec.1734: Timestamp: 0x79cc11d7
16417ec.1734: Machine: 0x8664 - amd64
16517ec.1734: Timestamp: 0x79cc11d7
16617ec.1734: Image Version: 6.1
16717ec.1734: SizeOfImage: 0x12000 (73728)
16817ec.1734: Resource Dir: 0x10000 LB 0x438
16917ec.1734: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
17017ec.1734: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
17117ec.1734: ProductName: Coretech Delivery
17217ec.1734: ProductVersion: 30.0.3716.0
17317ec.1734: FileVersion: 30.0.3716.0
17417ec.1734: FileDescription: Keyboard Device Filter [fre_win7_amd64]
17517ec.1734: \SystemRoot\System32\drivers\klmouflt.sys:
17617ec.1734: CreationTime: 2019-03-18T00:50:34.000000000Z
17717ec.1734: LastWriteTime: 2019-03-18T00:50:34.000000000Z
17817ec.1734: ChangeTime: 2019-12-08T16:20:28.101288000Z
17917ec.1734: FileAttributes: 0x20
18017ec.1734: Size: 0xe878
18117ec.1734: NT Headers: 0xe8
18217ec.1734: Timestamp: 0xab7b625
18317ec.1734: Machine: 0x8664 - amd64
18417ec.1734: Timestamp: 0xab7b625
18517ec.1734: Image Version: 6.1
18617ec.1734: SizeOfImage: 0xe000 (57344)
18717ec.1734: Resource Dir: 0xc000 LB 0x430
18817ec.1734: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
18917ec.1734: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
19017ec.1734: ProductName: Coretech Delivery
19117ec.1734: ProductVersion: 30.0.3716.0
19217ec.1734: FileVersion: 30.0.3716.0
19317ec.1734: FileDescription: Mouse Device Filter [fre_win7_amd64]
19417ec.1734: \SystemRoot\System32\drivers\kneps.sys:
19517ec.1734: CreationTime: 2019-03-19T01:31:38.000000000Z
19617ec.1734: LastWriteTime: 2019-03-19T01:31:38.000000000Z
19717ec.1734: ChangeTime: 2019-12-08T16:20:27.146094700Z
19817ec.1734: FileAttributes: 0x20
19917ec.1734: Size: 0x38b50
20017ec.1734: NT Headers: 0x108
20117ec.1734: Timestamp: 0x7aa255dc
20217ec.1734: Machine: 0x8664 - amd64
20317ec.1734: Timestamp: 0x7aa255dc
20417ec.1734: Image Version: 6.1
20517ec.1734: SizeOfImage: 0x38000 (229376)
20617ec.1734: Resource Dir: 0x35000 LB 0x428
20717ec.1734: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
20817ec.1734: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
20917ec.1734: ProductName: Coretech Delivery
21017ec.1734: ProductVersion: 30.0.3731.0
21117ec.1734: FileVersion: 30.0.3731.0
21217ec.1734: FileDescription: Network Processor [fre_win7_amd64]
21317ec.1734: \SystemRoot\System32\klfphc.dll:
21417ec.1734: CreationTime: 2015-02-09T20:31:05.379965500Z
21517ec.1734: LastWriteTime: 2013-05-06T07:13:26.000000000Z
21617ec.1734: ChangeTime: 2019-12-08T16:20:15.921881400Z
21717ec.1734: FileAttributes: 0x20
21817ec.1734: Size: 0x1ae60
21917ec.1734: NT Headers: 0xe8
22017ec.1734: Timestamp: 0x51873bf2
22117ec.1734: Machine: 0x8664 - amd64
22217ec.1734: Timestamp: 0x51873bf2
22317ec.1734: Image Version: 0.0
22417ec.1734: SizeOfImage: 0x1d000 (118784)
22517ec.1734: Resource Dir: 0x18000 LB 0x3c80
22617ec.1734: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
22717ec.1734: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
22817ec.1734: ProductName: Kaspersky™ Anti-Virus ®
22917ec.1734: ProductVersion: 1.0.0.12
23017ec.1734: FileVersion: 1.0.0.12
23117ec.1734: FileDescription: Filtering Platform Helper Class
23217ec.1734: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Programs\VirtualBox'
23317ec.1734: Calling main()
23417ec.1734: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
23517ec.1734: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Programs\VirtualBox'
23617ec.1734: SUPR3HardenedMain: Respawn #1
23717ec.1734: System32: \Device\HarddiskVolume2\Windows\System32
23817ec.1734: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
23917ec.1734: KnownDllPath: C:\Windows\system32
24017ec.1734: supR3HardenedWinInit: Performing a limited self purification...
24117ec.1734: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
24217ec.1734: *0000000000000000-000000000031ffff 0x0001/0x0000 0x0000000
24317ec.1734: *0000000000320000-000000000032ffff 0x0004/0x0004 0x0040000
24417ec.1734: 0000000000330000-000000000033ffff 0x0001/0x0000 0x0000000
24517ec.1734: *0000000000340000-000000000034efff 0x0002/0x0002 0x0040000
24617ec.1734: 000000000034f000-000000000034ffff 0x0001/0x0000 0x0000000
24717ec.1734: *0000000000350000-0000000000400fff 0x0000/0x0004 0x0020000
24817ec.1734: 0000000000401000-0000000000403fff 0x0104/0x0004 0x0020000
24917ec.1734: 0000000000404000-000000000044ffff 0x0004/0x0004 0x0020000
25017ec.1734: *0000000000450000-0000000000453fff 0x0002/0x0002 0x0040000
25117ec.1734: 0000000000454000-000000000045ffff 0x0001/0x0000 0x0000000
25217ec.1734: *0000000000460000-0000000000461fff 0x0004/0x0004 0x0020000
25317ec.1734: 0000000000462000-000000000046ffff 0x0001/0x0000 0x0000000
25417ec.1734: *0000000000470000-0000000000471fff 0x0004/0x0004 0x0020000
25517ec.1734: 0000000000472000-0000000000489fff 0x0000/0x0004 0x0020000
25617ec.1734: 000000000048a000-000000000049ffff 0x0001/0x0000 0x0000000
25717ec.1734: *00000000004a0000-00000000004a3fff 0x0004/0x0004 0x0020000
25817ec.1734: 00000000004a4000-000000000059ffff 0x0000/0x0004 0x0020000
25917ec.1734: *00000000005a0000-000000000061dfff 0x0002/0x0002 0x0040000
26017ec.1734: 000000000061e000-000000000061ffff 0x0001/0x0000 0x0000000
26117ec.1734: *0000000000620000-000000000063cfff 0x0004/0x0004 0x0020000
26217ec.1734: 000000000063d000-000000000071ffff 0x0000/0x0004 0x0020000
26317ec.1734: 0000000000720000-000000000075ffff 0x0001/0x0000 0x0000000
26417ec.1734: *0000000000760000-000000000076efff 0x0004/0x0004 0x0020000
26517ec.1734: 000000000076f000-000000000076ffff 0x0000/0x0004 0x0020000
26617ec.1734: *0000000000770000-0000000000770fff 0x0000/0x0004 0x0020000
26717ec.1734: 0000000000771000-000000000091efff 0x0004/0x0004 0x0020000
26817ec.1734: 000000000091f000-000000000091ffff 0x0000/0x0004 0x0020000
26917ec.1734: 0000000000920000-000000007ffdffff 0x0001/0x0000 0x0000000
27017ec.1734: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
27117ec.1734: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
27217ec.1734: 000000007fff0000-00007ff60c3bffff 0x0001/0x0000 0x0000000
27317ec.1734: *00007ff60c3c0000-00007ff60c3c4fff 0x0002/0x0002 0x0040000
27417ec.1734: 00007ff60c3c5000-00007ff60c4bffff 0x0000/0x0002 0x0040000
27517ec.1734: *00007ff60c4c0000-00007ff60c4e2fff 0x0002/0x0002 0x0040000
27617ec.1734: *00007ff60c4e3000-00007ff60c4e3fff 0x0004/0x0004 0x0020000
27717ec.1734: 00007ff60c4e4000-00007ff60c4edfff 0x0001/0x0000 0x0000000
27817ec.1734: *00007ff60c4ee000-00007ff60c4effff 0x0004/0x0004 0x0020000
27917ec.1734: 00007ff60c4f0000-00007ff60d1dffff 0x0001/0x0000 0x0000000
28017ec.1734: *00007ff60d1e0000-00007ff60d1e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28117ec.1734: 00007ff60d1e1000-00007ff60d255fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28217ec.1734: 00007ff60d256000-00007ff60d256fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28317ec.1734: 00007ff60d257000-00007ff60d29efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28417ec.1734: 00007ff60d29f000-00007ff60d2a1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28517ec.1734: 00007ff60d2a2000-00007ff60d2a4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28617ec.1734: 00007ff60d2a5000-00007ff60d2a7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28717ec.1734: 00007ff60d2a8000-00007ff60d2a8fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28817ec.1734: 00007ff60d2a9000-00007ff60d2aafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
28917ec.1734: 00007ff60d2ab000-00007ff60d2abfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
29017ec.1734: 00007ff60d2ac000-00007ff60d2f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
29117ec.1734: 00007ff60d2f5000-00007ffcdea1ffff 0x0001/0x0000 0x0000000
29217ec.1734: *00007ffcdea20000-00007ffcdea20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
29317ec.1734: 00007ffcdea21000-00007ffcdeb13fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
29417ec.1734: 00007ffcdeb14000-00007ffcdeb16fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
29517ec.1734: 00007ffcdeb17000-00007ffcdeb17fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
29617ec.1734: 00007ffcdeb18000-00007ffcdeb35fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
29717ec.1734: 00007ffcdeb36000-00007ffce091ffff 0x0001/0x0000 0x0000000
29817ec.1734: *00007ffce0920000-00007ffce0920fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
29917ec.1734: 00007ffce0921000-00007ffce0a38fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
30017ec.1734: 00007ffce0a39000-00007ffce0a39fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
30117ec.1734: 00007ffce0a3a000-00007ffce0a3afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
30217ec.1734: 00007ffce0a3b000-00007ffce0a5efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
30317ec.1734: 00007ffce0a5f000-00007ffce14dffff 0x0001/0x0000 0x0000000
30417ec.1734: *00007ffce14e0000-00007ffce14e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
30517ec.1734: 00007ffce14e1000-00007ffce160dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
30617ec.1734: 00007ffce160e000-00007ffce1613fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
30717ec.1734: 00007ffce1614000-00007ffce1624fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
30817ec.1734: 00007ffce1625000-00007ffce1625fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
30917ec.1734: 00007ffce1626000-00007ffce168cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
31017ec.1734: 00007ffce168d000-00007ffffffdffff 0x0001/0x0000 0x0000000
31117ec.1734: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
31217ec.1734: kernel32.dll: timestamp 0x5da540db (rc=VINF_SUCCESS)
31317ec.1734: kernelbase.dll: timestamp 0x5d26b6e9 (rc=VINF_SUCCESS)
31417ec.1734: VirtualBoxVM.exe: timestamp 0x5d9f7c37 (rc=VINF_SUCCESS)
31517ec.1734: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
31617ec.1734: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
31717ec.1734: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
31817ec.1734: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
31917ec.1734: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe)
32017ec.1734: supR3HardNtEnableThreadCreationEx:
32117ec.1734: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffce14f8c90 pvNtTerminateThread=00007ffce1570c80
32217ec.1734: supR3HardenedWinDoReSpawn(1): New child 1324.1320 [kernel32].
32317ec.1734: supR3HardNtChildGatherData: PebBaseAddress=00007ff60c399000 cbPeb=0x388
32417ec.1734: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffce14e0000 uNtDllChildAddr=00007ffce14e0000
32517ec.1734: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffce14f8c90
32617ec.1734: supR3HardenedWinSetupChildInit: Start child.
32717ec.1734: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
32817ec.1734: supR3HardNtChildPurify: Startup delay kludge #1/0: 515 ms, 62 sleeps
32917ec.1734: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
33017ec.1734: *0000000000000000-00000000008effff 0x0001/0x0000 0x0000000
33117ec.1734: *00000000008f0000-000000000090ffff 0x0004/0x0004 0x0020000
33217ec.1734: *0000000000910000-000000000091efff 0x0002/0x0002 0x0040000
33317ec.1734: 000000000091f000-000000000091ffff 0x0001/0x0000 0x0000000
33417ec.1734: *0000000000920000-0000000000a1afff 0x0000/0x0004 0x0020000
33517ec.1734: 0000000000a1b000-0000000000a1dfff 0x0104/0x0004 0x0020000
33617ec.1734: 0000000000a1e000-0000000000a1ffff 0x0004/0x0004 0x0020000
33717ec.1734: *0000000000a20000-0000000000a23fff 0x0002/0x0002 0x0040000
33817ec.1734: 0000000000a24000-0000000000a2ffff 0x0001/0x0000 0x0000000
33917ec.1734: *0000000000a30000-0000000000a31fff 0x0004/0x0004 0x0020000
34017ec.1734: 0000000000a32000-000000007ffdffff 0x0001/0x0000 0x0000000
34117ec.1734: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
34217ec.1734: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
34317ec.1734: 000000007fff0000-00007ff60c36ffff 0x0001/0x0000 0x0000000
34417ec.1734: *00007ff60c370000-00007ff60c392fff 0x0002/0x0002 0x0040000
34517ec.1734: 00007ff60c393000-00007ff60c398fff 0x0001/0x0000 0x0000000
34617ec.1734: *00007ff60c399000-00007ff60c399fff 0x0004/0x0004 0x0020000
34717ec.1734: 00007ff60c39a000-00007ff60c39dfff 0x0001/0x0000 0x0000000
34817ec.1734: *00007ff60c39e000-00007ff60c39ffff 0x0004/0x0004 0x0020000
34917ec.1734: 00007ff60c3a0000-00007ff60d1dffff 0x0001/0x0000 0x0000000
35017ec.1734: *00007ff60d1e0000-00007ff60d1e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35117ec.1734: 00007ff60d1e1000-00007ff60d255fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35217ec.1734: 00007ff60d256000-00007ff60d256fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35317ec.1734: 00007ff60d257000-00007ff60d29efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35417ec.1734: 00007ff60d29f000-00007ff60d29ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35517ec.1734: 00007ff60d2a0000-00007ff60d2a0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35617ec.1734: 00007ff60d2a1000-00007ff60d2a5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35717ec.1734: 00007ff60d2a6000-00007ff60d2a6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35817ec.1734: 00007ff60d2a7000-00007ff60d2a7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
35917ec.1734: 00007ff60d2a8000-00007ff60d2abfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
36017ec.1734: 00007ff60d2ac000-00007ff60d2f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
36117ec.1734: 00007ff60d2f5000-00007ffce14dffff 0x0001/0x0000 0x0000000
36217ec.1734: *00007ffce14e0000-00007ffce14e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
36317ec.1734: 00007ffce14e1000-00007ffce160dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
36417ec.1734: 00007ffce160e000-00007ffce1613fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
36517ec.1734: 00007ffce1614000-00007ffce1620fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
36617ec.1734: 00007ffce1621000-00007ffce1621fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
36717ec.1734: 00007ffce1622000-00007ffce1624fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
36817ec.1734: 00007ffce1625000-00007ffce1625fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
36917ec.1734: 00007ffce1626000-00007ffce168cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
37017ec.1734: 00007ffce168d000-00007ffffffdffff 0x0001/0x0000 0x0000000
37117ec.1734: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
37217ec.1734: supR3HardNtChildPurify: Done after 517 ms and 0 fixes (loop #0).
3731324.1320: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000
3741324.1320: supR3HardenedVmProcessInit: uNtDllAddr=00007ffce14e0000 g_uNtVerCombined=0x63258000
3751324.1320: ntdll.dll: timestamp 0x5d6aa558 (rc=VINF_SUCCESS)
3761324.1320: New simple heap: #1 0000000000b40000 LB 0x400000 (for 1757184 allocation)
37717ec.1734: supR3HardNtEnableThreadCreationEx:
3781324.1320: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Programs\VirtualBox'
3791324.1320: System32: \Device\HarddiskVolume2\Windows\System32
3801324.1320: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
3811324.1320: KnownDllPath: C:\Windows\system32
3821324.1320: supR3HardenedVmProcessInit: Opening vboxdrv stub...
3831324.1320: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3841324.1320: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3851324.1320: Registered Dll notification callback with NTDLL.
3861324.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
3871324.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3881324.1320: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
3891324.1320: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3901324.1320: supR3HardenedDllNotificationCallback: load 00007ffcdea20000 LB 0x00116000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
3911324.1320: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
3921324.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3931324.1320: supR3HardenedDllNotificationCallback: load 00007ffce0920000 LB 0x0013f000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
3941324.1320: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3951324.1320: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce0920000 'C:\Windows\system32\KERNEL32.DLL'
3961324.1320: supR3HardenedDllNotificationCallback: load 00007ff60d1e0000 LB 0x00115000 C:\Programs\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
3971324.1320: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
3981324.1320: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe)
3991324.1320: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
4001324.1320: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffce14f8c90 pvNtTerminateThread=00007ffce1570c80
40117ec.1734: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 52 ms.
4021324.1320: \SystemRoot\System32\ntdll.dll:
4031324.1320: CreationTime: 2019-10-09T06:29:35.187656600Z
4041324.1320: LastWriteTime: 2019-08-31T20:51:48.577800200Z
4051324.1320: ChangeTime: 2019-11-13T14:03:40.552592700Z
4061324.1320: FileAttributes: 0x20
4071324.1320: Size: 0x1a83f8
4081324.1320: NT Headers: 0xd8
4091324.1320: Timestamp: 0x5d6aa558
4101324.1320: Machine: 0x8664 - amd64
4111324.1320: Timestamp: 0x5d6aa558
4121324.1320: Image Version: 6.3
4131324.1320: SizeOfImage: 0x1ad000 (1757184)
4141324.1320: Resource Dir: 0x149000 LB 0x62558
4151324.1320: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4161324.1320: [Raw version resource data: 0x1490f0 LB 0x380, codepage 0x0 (reserved 0x0)]
4171324.1320: ProductName: Microsoft® Windows® Operating System
4181324.1320: ProductVersion: 6.3.9600.19478
4191324.1320: FileVersion: 6.3.9600.19478 (winblue_ltsb.190831-0600)
4201324.1320: FileDescription: NT Layer DLL
4211324.1320: \SystemRoot\System32\kernel32.dll:
4221324.1320: CreationTime: 2019-12-11T13:11:34.349721100Z
4231324.1320: LastWriteTime: 2019-10-15T09:03:50.983536200Z
4241324.1320: ChangeTime: 2019-12-11T18:11:17.263292100Z
4251324.1320: FileAttributes: 0x20
4261324.1320: Size: 0x140418
4271324.1320: NT Headers: 0xe8
4281324.1320: Timestamp: 0x5da540db
4291324.1320: Machine: 0x8664 - amd64
4301324.1320: Timestamp: 0x5da540db
4311324.1320: Image Version: 6.3
4321324.1320: SizeOfImage: 0x13f000 (1306624)
4331324.1320: Resource Dir: 0x12f000 LB 0x530
4341324.1320: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4351324.1320: [Raw version resource data: 0x12f0b0 LB 0x3b4, codepage 0x0 (reserved 0x0)]
4361324.1320: ProductName: Microsoft® Windows® Operating System
4371324.1320: ProductVersion: 6.3.9600.19538
4381324.1320: FileVersion: 6.3.9600.19538 (winblue_ltsb_escrow.191014-1700)
4391324.1320: FileDescription: Windows NT BASE API Client DLL
4401324.1320: \SystemRoot\System32\KernelBase.dll:
4411324.1320: CreationTime: 2019-10-09T06:29:46.304926300Z
4421324.1320: LastWriteTime: 2019-07-16T02:30:15.221797500Z
4431324.1320: ChangeTime: 2019-11-06T17:27:45.672845200Z
4441324.1320: FileAttributes: 0x20
4451324.1320: Size: 0x115878
4461324.1320: NT Headers: 0xf0
4471324.1320: Timestamp: 0x5d26b6e9
4481324.1320: Machine: 0x8664 - amd64
4491324.1320: Timestamp: 0x5d26b6e9
4501324.1320: Image Version: 6.3
4511324.1320: SizeOfImage: 0x116000 (1138688)
4521324.1320: Resource Dir: 0x111000 LB 0x3540
4531324.1320: [Version info resource found at 0x108! (ID/Name: 0x1; SubID/SubName: 0x409)]
4541324.1320: [Raw version resource data: 0x111120 LB 0x3cc, codepage 0x0 (reserved 0x0)]
4551324.1320: ProductName: Microsoft® Windows® Operating System
4561324.1320: ProductVersion: 6.3.9600.19425
4571324.1320: FileVersion: 6.3.9600.19425 (winblue_ltsb_escrow.190710-1722)
4581324.1320: FileDescription: Windows NT BASE API Client DLL
4591324.1320: \SystemRoot\System32\apisetschema.dll:
4601324.1320: CreationTime: 2016-12-14T15:04:20.487319600Z
4611324.1320: LastWriteTime: 2016-10-10T18:18:15.035158100Z
4621324.1320: ChangeTime: 2016-12-14T23:42:36.927220400Z
4631324.1320: FileAttributes: 0x20
4641324.1320: Size: 0x11158
4651324.1320: NT Headers: 0xd0
4661324.1320: Timestamp: 0x57fa67ee
4671324.1320: Machine: 0x8664 - amd64
4681324.1320: Timestamp: 0x57fa67ee
4691324.1320: Image Version: 6.3
4701324.1320: SizeOfImage: 0x12000 (73728)
4711324.1320: Resource Dir: 0x11000 LB 0x3f8
4721324.1320: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4731324.1320: [Raw version resource data: 0x11060 LB 0x398, codepage 0x0 (reserved 0x0)]
4741324.1320: ProductName: Microsoft® Windows® Operating System
4751324.1320: ProductVersion: 6.3.9600.18513
4761324.1320: FileVersion: 6.3.9600.18513 (winblue_ltsb.161009-0600)
4771324.1320: FileDescription: ApiSet Schema DLL
4781324.1320: NtOpenDirectoryObject failed on \Driver: 0xc0000022
4791324.1320: supR3HardenedWinFindAdversaries: 0x40
4801324.1320: \SystemRoot\System32\drivers\kl1.sys:
4811324.1320: CreationTime: 2019-03-18T10:13:42.000000000Z
4821324.1320: LastWriteTime: 2019-03-18T10:13:42.000000000Z
4831324.1320: ChangeTime: 2019-12-08T16:20:25.867493600Z
4841324.1320: FileAttributes: 0x20
4851324.1320: Size: 0x81c80
4861324.1320: NT Headers: 0xf8
4871324.1320: Timestamp: 0x5c8a8199
4881324.1320: Machine: 0x8664 - amd64
4891324.1320: Timestamp: 0x5c8a8199
4901324.1320: Image Version: 6.1
4911324.1320: SizeOfImage: 0x703000 (7352320)
4921324.1320: Resource Dir: 0x701000 LB 0x430
4931324.1320: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4941324.1320: [Raw version resource data: 0x701060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
4951324.1320: ProductName: Coretech Delivery
4961324.1320: ProductVersion: 30.0.3790.0
4971324.1320: FileVersion: 30.0.3790.0
4981324.1320: FileDescription: Updatable component loader [fre_win7_x64]
4991324.1320: \SystemRoot\System32\drivers\klflt.sys:
5001324.1320: CreationTime: 2019-11-01T07:52:18.000000000Z
5011324.1320: LastWriteTime: 2019-11-01T07:52:18.000000000Z
5021324.1320: ChangeTime: 2019-12-08T16:20:25.464991800Z
5031324.1320: FileAttributes: 0x20
5041324.1320: Size: 0x3d678
5051324.1320: NT Headers: 0x100
5061324.1320: Timestamp: 0xddaa7cbc
5071324.1320: Machine: 0x8664 - amd64
5081324.1320: Timestamp: 0xddaa7cbc
5091324.1320: Image Version: 6.1
5101324.1320: SizeOfImage: 0x4a000 (303104)
5111324.1320: Resource Dir: 0x47000 LB 0x418
5121324.1320: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5131324.1320: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
5141324.1320: ProductName: Coretech Delivery
5151324.1320: ProductVersion: 30.112.90.0
5161324.1320: FileVersion: 30.112.90.0
5171324.1320: FileDescription: Filter Core [fre_win7_amd64]
5181324.1320: \SystemRoot\System32\drivers\klif.sys:
5191324.1320: CreationTime: 2019-11-01T07:52:18.000000000Z
5201324.1320: LastWriteTime: 2019-11-01T07:52:18.000000000Z
5211324.1320: ChangeTime: 2019-12-08T16:20:25.459984500Z
5221324.1320: FileAttributes: 0x20
5231324.1320: Size: 0xf3a80
5241324.1320: NT Headers: 0xf8
5251324.1320: Timestamp: 0x5da6282c
5261324.1320: Machine: 0x8664 - amd64
5271324.1320: Timestamp: 0x5da6282c
5281324.1320: Image Version: 6.1
5291324.1320: SizeOfImage: 0xf4000 (999424)
5301324.1320: Resource Dir: 0xeb000 LB 0x33f8
5311324.1320: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
5321324.1320: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
5331324.1320: ProductName: Coretech Delivery
5341324.1320: ProductVersion: 30.112.90.0
5351324.1320: FileVersion: 30.112.90.0
5361324.1320: FileDescription: Core System Interceptors [fre_win7_amd64]
5371324.1320: \SystemRoot\System32\drivers\klim6.sys:
5381324.1320: CreationTime: 2019-03-19T06:21:06.000000000Z
5391324.1320: LastWriteTime: 2019-03-19T06:21:06.000000000Z
5401324.1320: ChangeTime: 2019-12-08T16:20:27.739836100Z
5411324.1320: FileAttributes: 0x20
5421324.1320: Size: 0xe350
5431324.1320: NT Headers: 0xe0
5441324.1320: Timestamp: 0x54ad405e
5451324.1320: Machine: 0x8664 - amd64
5461324.1320: Timestamp: 0x54ad405e
5471324.1320: Image Version: 6.1
5481324.1320: SizeOfImage: 0xb000 (45056)
5491324.1320: Resource Dir: 0x9000 LB 0x430
5501324.1320: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5511324.1320: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
5521324.1320: ProductName: Coretech Delivery
5531324.1320: ProductVersion: 30.0.3724.0
5541324.1320: FileVersion: 30.0.3724.0
5551324.1320: FileDescription: Packet Network Filter [fre_win7_amd64]
5561324.1320: \SystemRoot\System32\drivers\klkbdflt.sys:
5571324.1320: CreationTime: 2019-03-18T01:11:30.000000000Z
5581324.1320: LastWriteTime: 2019-03-18T01:11:30.000000000Z
5591324.1320: ChangeTime: 2019-12-08T16:20:28.208421300Z
5601324.1320: FileAttributes: 0x20
5611324.1320: Size: 0x13550
5621324.1320: NT Headers: 0xf8
5631324.1320: Timestamp: 0x79cc11d7
5641324.1320: Machine: 0x8664 - amd64
5651324.1320: Timestamp: 0x79cc11d7
5661324.1320: Image Version: 6.1
5671324.1320: SizeOfImage: 0x12000 (73728)
5681324.1320: Resource Dir: 0x10000 LB 0x438
5691324.1320: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5701324.1320: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
5711324.1320: ProductName: Coretech Delivery
5721324.1320: ProductVersion: 30.0.3716.0
5731324.1320: FileVersion: 30.0.3716.0
5741324.1320: FileDescription: Keyboard Device Filter [fre_win7_amd64]
5751324.1320: \SystemRoot\System32\drivers\klmouflt.sys:
5761324.1320: CreationTime: 2019-03-18T00:50:34.000000000Z
5771324.1320: LastWriteTime: 2019-03-18T00:50:34.000000000Z
5781324.1320: ChangeTime: 2019-12-08T16:20:28.101288000Z
5791324.1320: FileAttributes: 0x20
5801324.1320: Size: 0xe878
5811324.1320: NT Headers: 0xe8
5821324.1320: Timestamp: 0xab7b625
5831324.1320: Machine: 0x8664 - amd64
5841324.1320: Timestamp: 0xab7b625
5851324.1320: Image Version: 6.1
5861324.1320: SizeOfImage: 0xe000 (57344)
5871324.1320: Resource Dir: 0xc000 LB 0x430
5881324.1320: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5891324.1320: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
5901324.1320: ProductName: Coretech Delivery
5911324.1320: ProductVersion: 30.0.3716.0
5921324.1320: FileVersion: 30.0.3716.0
5931324.1320: FileDescription: Mouse Device Filter [fre_win7_amd64]
5941324.1320: \SystemRoot\System32\drivers\kneps.sys:
5951324.1320: CreationTime: 2019-03-19T01:31:38.000000000Z
5961324.1320: LastWriteTime: 2019-03-19T01:31:38.000000000Z
5971324.1320: ChangeTime: 2019-12-08T16:20:27.146094700Z
5981324.1320: FileAttributes: 0x20
5991324.1320: Size: 0x38b50
6001324.1320: NT Headers: 0x108
6011324.1320: Timestamp: 0x7aa255dc
6021324.1320: Machine: 0x8664 - amd64
6031324.1320: Timestamp: 0x7aa255dc
6041324.1320: Image Version: 6.1
6051324.1320: SizeOfImage: 0x38000 (229376)
6061324.1320: Resource Dir: 0x35000 LB 0x428
6071324.1320: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
6081324.1320: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
6091324.1320: ProductName: Coretech Delivery
6101324.1320: ProductVersion: 30.0.3731.0
6111324.1320: FileVersion: 30.0.3731.0
6121324.1320: FileDescription: Network Processor [fre_win7_amd64]
6131324.1320: \SystemRoot\System32\klfphc.dll:
6141324.1320: CreationTime: 2015-02-09T20:31:05.379965500Z
6151324.1320: LastWriteTime: 2013-05-06T07:13:26.000000000Z
6161324.1320: ChangeTime: 2019-12-08T16:20:15.921881400Z
6171324.1320: FileAttributes: 0x20
6181324.1320: Size: 0x1ae60
6191324.1320: NT Headers: 0xe8
6201324.1320: Timestamp: 0x51873bf2
6211324.1320: Machine: 0x8664 - amd64
6221324.1320: Timestamp: 0x51873bf2
6231324.1320: Image Version: 0.0
6241324.1320: SizeOfImage: 0x1d000 (118784)
6251324.1320: Resource Dir: 0x18000 LB 0x3c80
6261324.1320: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
6271324.1320: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
6281324.1320: ProductName: Kaspersky™ Anti-Virus ®
6291324.1320: ProductVersion: 1.0.0.12
6301324.1320: FileVersion: 1.0.0.12
6311324.1320: FileDescription: Filtering Platform Helper Class
6321324.1320: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Programs\VirtualBox'
6331324.1320: Calling main()
6341324.1320: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
6351324.1320: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Programs\VirtualBox'
6361324.1320: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
6371324.1320: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe)
6381324.1320: SUPR3HardenedMain: Respawn #2
6391324.1320: supR3HardNtEnableThreadCreationEx:
6401324.1320: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffce14f8c90 pvNtTerminateThread=00007ffce1570c80
6411324.1320: supR3HardenedWinDoReSpawn(2): New child 1318.15ac [kernel32].
6421324.1320: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
6431324.1320: supR3HardNtChildGatherData: PebBaseAddress=00007ff60cf6f000 cbPeb=0x388
6441324.1320: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffce14e0000 uNtDllChildAddr=00007ffce14e0000
6451324.1320: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffce14f8c90
6461324.1320: supR3HardenedWinSetupChildInit: Start child.
6471324.1320: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
6481324.1320: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 62 sleeps
6491324.1320: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
6501324.1320: *0000000000000000-0000000000fbffff 0x0001/0x0000 0x0000000
6511324.1320: *0000000000fc0000-0000000000fdffff 0x0004/0x0004 0x0020000
6521324.1320: *0000000000fe0000-0000000000feefff 0x0002/0x0002 0x0040000
6531324.1320: 0000000000fef000-0000000000feffff 0x0001/0x0000 0x0000000
6541324.1320: *0000000000ff0000-00000000010eafff 0x0000/0x0004 0x0020000
6551324.1320: 00000000010eb000-00000000010edfff 0x0104/0x0004 0x0020000
6561324.1320: 00000000010ee000-00000000010effff 0x0004/0x0004 0x0020000
6571324.1320: *00000000010f0000-00000000010f3fff 0x0002/0x0002 0x0040000
6581324.1320: 00000000010f4000-00000000010fffff 0x0001/0x0000 0x0000000
6591324.1320: *0000000001100000-0000000001101fff 0x0004/0x0004 0x0020000
6601324.1320: 0000000001102000-000000007ffdffff 0x0001/0x0000 0x0000000
6611324.1320: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
6621324.1320: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
6631324.1320: 000000007fff0000-00007ff60cf3ffff 0x0001/0x0000 0x0000000
6641324.1320: *00007ff60cf40000-00007ff60cf62fff 0x0002/0x0002 0x0040000
6651324.1320: 00007ff60cf63000-00007ff60cf6cfff 0x0001/0x0000 0x0000000
6661324.1320: *00007ff60cf6d000-00007ff60cf6efff 0x0004/0x0004 0x0020000
6671324.1320: *00007ff60cf6f000-00007ff60cf6ffff 0x0004/0x0004 0x0020000
6681324.1320: 00007ff60cf70000-00007ff60d1dffff 0x0001/0x0000 0x0000000
6691324.1320: *00007ff60d1e0000-00007ff60d1e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6701324.1320: 00007ff60d1e1000-00007ff60d255fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6711324.1320: 00007ff60d256000-00007ff60d256fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6721324.1320: 00007ff60d257000-00007ff60d29efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6731324.1320: 00007ff60d29f000-00007ff60d29ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6741324.1320: 00007ff60d2a0000-00007ff60d2a0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6751324.1320: 00007ff60d2a1000-00007ff60d2a5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6761324.1320: 00007ff60d2a6000-00007ff60d2a6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6771324.1320: 00007ff60d2a7000-00007ff60d2a7fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6781324.1320: 00007ff60d2a8000-00007ff60d2abfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6791324.1320: 00007ff60d2ac000-00007ff60d2f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
6801324.1320: 00007ff60d2f5000-00007ffce14dffff 0x0001/0x0000 0x0000000
6811324.1320: *00007ffce14e0000-00007ffce14e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6821324.1320: 00007ffce14e1000-00007ffce160dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6831324.1320: 00007ffce160e000-00007ffce1613fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6841324.1320: 00007ffce1614000-00007ffce1620fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6851324.1320: 00007ffce1621000-00007ffce1621fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6861324.1320: 00007ffce1622000-00007ffce1624fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6871324.1320: 00007ffce1625000-00007ffce1625fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6881324.1320: 00007ffce1626000-00007ffce168cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6891324.1320: 00007ffce168d000-00007ffffffdffff 0x0001/0x0000 0x0000000
6901324.1320: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
6911324.1320: VirtualBoxVM.exe: timestamp 0x5d9f7c37 (rc=VINF_SUCCESS)
6921324.1320: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
6931324.1320: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
6941324.1320: supR3HardNtChildPurify: Done after 542 ms and 0 fixes (loop #0).
6951318.15ac: Log file opened: 6.0.14r133895 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000
6961318.15ac: supR3HardenedVmProcessInit: uNtDllAddr=00007ffce14e0000 g_uNtVerCombined=0x63258000
6971318.15ac: ntdll.dll: timestamp 0x5d6aa558 (rc=VINF_SUCCESS)
6981318.15ac: New simple heap: #1 0000000001210000 LB 0x400000 (for 1757184 allocation)
6991324.1320: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000b40000 LB 0x400000)
7001324.1320: supR3HardNtEnableThreadCreationEx:
7011318.15ac: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Programs\VirtualBox'
7021318.15ac: System32: \Device\HarddiskVolume2\Windows\System32
7031318.15ac: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
7041318.15ac: KnownDllPath: C:\Windows\system32
7051318.15ac: supR3HardenedVmProcessInit: Opening vboxdrv...
7061318.15ac: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
7071318.15ac: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
7081318.15ac: Registered Dll notification callback with NTDLL.
7091318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
7101318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
7111318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
7121318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
7131318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdea20000 LB 0x00116000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
7141318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
7151318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
7161318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce0920000 LB 0x0013f000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
7171318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
7181318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce0920000 'C:\Windows\system32\KERNEL32.DLL'
7191318.15ac: supR3HardenedDllNotificationCallback: load 00007ff60d1e0000 LB 0x00115000 C:\Programs\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
7201318.15ac: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
7211318.15ac: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe)
7221318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe
7231318.15ac: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffce14f8c90 pvNtTerminateThread=00007ffce1570c80
7241324.1320: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 56 ms.
7251318.15ac: \SystemRoot\System32\ntdll.dll:
7261318.15ac: CreationTime: 2019-10-09T06:29:35.187656600Z
7271318.15ac: LastWriteTime: 2019-08-31T20:51:48.577800200Z
7281318.15ac: ChangeTime: 2019-11-13T14:03:40.552592700Z
7291318.15ac: FileAttributes: 0x20
7301318.15ac: Size: 0x1a83f8
7311318.15ac: NT Headers: 0xd8
7321318.15ac: Timestamp: 0x5d6aa558
7331318.15ac: Machine: 0x8664 - amd64
7341318.15ac: Timestamp: 0x5d6aa558
7351318.15ac: Image Version: 6.3
7361318.15ac: SizeOfImage: 0x1ad000 (1757184)
7371318.15ac: Resource Dir: 0x149000 LB 0x62558
7381318.15ac: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
7391318.15ac: [Raw version resource data: 0x1490f0 LB 0x380, codepage 0x0 (reserved 0x0)]
7401318.15ac: ProductName: Microsoft® Windows® Operating System
7411318.15ac: ProductVersion: 6.3.9600.19478
7421318.15ac: FileVersion: 6.3.9600.19478 (winblue_ltsb.190831-0600)
7431318.15ac: FileDescription: NT Layer DLL
7441318.15ac: \SystemRoot\System32\kernel32.dll:
7451318.15ac: CreationTime: 2019-12-11T13:11:34.349721100Z
7461318.15ac: LastWriteTime: 2019-10-15T09:03:50.983536200Z
7471318.15ac: ChangeTime: 2019-12-11T18:11:17.263292100Z
7481318.15ac: FileAttributes: 0x20
7491318.15ac: Size: 0x140418
7501318.15ac: NT Headers: 0xe8
7511318.15ac: Timestamp: 0x5da540db
7521318.15ac: Machine: 0x8664 - amd64
7531318.15ac: Timestamp: 0x5da540db
7541318.15ac: Image Version: 6.3
7551318.15ac: SizeOfImage: 0x13f000 (1306624)
7561318.15ac: Resource Dir: 0x12f000 LB 0x530
7571318.15ac: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
7581318.15ac: [Raw version resource data: 0x12f0b0 LB 0x3b4, codepage 0x0 (reserved 0x0)]
7591318.15ac: ProductName: Microsoft® Windows® Operating System
7601318.15ac: ProductVersion: 6.3.9600.19538
7611318.15ac: FileVersion: 6.3.9600.19538 (winblue_ltsb_escrow.191014-1700)
7621318.15ac: FileDescription: Windows NT BASE API Client DLL
7631318.15ac: \SystemRoot\System32\KernelBase.dll:
7641318.15ac: CreationTime: 2019-10-09T06:29:46.304926300Z
7651318.15ac: LastWriteTime: 2019-07-16T02:30:15.221797500Z
7661318.15ac: ChangeTime: 2019-11-06T17:27:45.672845200Z
7671318.15ac: FileAttributes: 0x20
7681318.15ac: Size: 0x115878
7691318.15ac: NT Headers: 0xf0
7701318.15ac: Timestamp: 0x5d26b6e9
7711318.15ac: Machine: 0x8664 - amd64
7721318.15ac: Timestamp: 0x5d26b6e9
7731318.15ac: Image Version: 6.3
7741318.15ac: SizeOfImage: 0x116000 (1138688)
7751318.15ac: Resource Dir: 0x111000 LB 0x3540
7761318.15ac: [Version info resource found at 0x108! (ID/Name: 0x1; SubID/SubName: 0x409)]
7771318.15ac: [Raw version resource data: 0x111120 LB 0x3cc, codepage 0x0 (reserved 0x0)]
7781318.15ac: ProductName: Microsoft® Windows® Operating System
7791318.15ac: ProductVersion: 6.3.9600.19425
7801318.15ac: FileVersion: 6.3.9600.19425 (winblue_ltsb_escrow.190710-1722)
7811318.15ac: FileDescription: Windows NT BASE API Client DLL
7821318.15ac: \SystemRoot\System32\apisetschema.dll:
7831318.15ac: CreationTime: 2016-12-14T15:04:20.487319600Z
7841318.15ac: LastWriteTime: 2016-10-10T18:18:15.035158100Z
7851318.15ac: ChangeTime: 2016-12-14T23:42:36.927220400Z
7861318.15ac: FileAttributes: 0x20
7871318.15ac: Size: 0x11158
7881318.15ac: NT Headers: 0xd0
7891318.15ac: Timestamp: 0x57fa67ee
7901318.15ac: Machine: 0x8664 - amd64
7911318.15ac: Timestamp: 0x57fa67ee
7921318.15ac: Image Version: 6.3
7931318.15ac: SizeOfImage: 0x12000 (73728)
7941318.15ac: Resource Dir: 0x11000 LB 0x3f8
7951318.15ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7961318.15ac: [Raw version resource data: 0x11060 LB 0x398, codepage 0x0 (reserved 0x0)]
7971318.15ac: ProductName: Microsoft® Windows® Operating System
7981318.15ac: ProductVersion: 6.3.9600.18513
7991318.15ac: FileVersion: 6.3.9600.18513 (winblue_ltsb.161009-0600)
8001318.15ac: FileDescription: ApiSet Schema DLL
8011318.15ac: NtOpenDirectoryObject failed on \Driver: 0xc0000022
8021318.15ac: supR3HardenedWinFindAdversaries: 0x40
8031318.15ac: \SystemRoot\System32\drivers\kl1.sys:
8041318.15ac: CreationTime: 2019-03-18T10:13:42.000000000Z
8051318.15ac: LastWriteTime: 2019-03-18T10:13:42.000000000Z
8061318.15ac: ChangeTime: 2019-12-08T16:20:25.867493600Z
8071318.15ac: FileAttributes: 0x20
8081318.15ac: Size: 0x81c80
8091318.15ac: NT Headers: 0xf8
8101318.15ac: Timestamp: 0x5c8a8199
8111318.15ac: Machine: 0x8664 - amd64
8121318.15ac: Timestamp: 0x5c8a8199
8131318.15ac: Image Version: 6.1
8141318.15ac: SizeOfImage: 0x703000 (7352320)
8151318.15ac: Resource Dir: 0x701000 LB 0x430
8161318.15ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8171318.15ac: [Raw version resource data: 0x701060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
8181318.15ac: ProductName: Coretech Delivery
8191318.15ac: ProductVersion: 30.0.3790.0
8201318.15ac: FileVersion: 30.0.3790.0
8211318.15ac: FileDescription: Updatable component loader [fre_win7_x64]
8221318.15ac: \SystemRoot\System32\drivers\klflt.sys:
8231318.15ac: CreationTime: 2019-11-01T07:52:18.000000000Z
8241318.15ac: LastWriteTime: 2019-11-01T07:52:18.000000000Z
8251318.15ac: ChangeTime: 2019-12-08T16:20:25.464991800Z
8261318.15ac: FileAttributes: 0x20
8271318.15ac: Size: 0x3d678
8281318.15ac: NT Headers: 0x100
8291318.15ac: Timestamp: 0xddaa7cbc
8301318.15ac: Machine: 0x8664 - amd64
8311318.15ac: Timestamp: 0xddaa7cbc
8321318.15ac: Image Version: 6.1
8331318.15ac: SizeOfImage: 0x4a000 (303104)
8341318.15ac: Resource Dir: 0x47000 LB 0x418
8351318.15ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8361318.15ac: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
8371318.15ac: ProductName: Coretech Delivery
8381318.15ac: ProductVersion: 30.112.90.0
8391318.15ac: FileVersion: 30.112.90.0
8401318.15ac: FileDescription: Filter Core [fre_win7_amd64]
8411318.15ac: \SystemRoot\System32\drivers\klif.sys:
8421318.15ac: CreationTime: 2019-11-01T07:52:18.000000000Z
8431318.15ac: LastWriteTime: 2019-11-01T07:52:18.000000000Z
8441318.15ac: ChangeTime: 2019-12-08T16:20:25.459984500Z
8451318.15ac: FileAttributes: 0x20
8461318.15ac: Size: 0xf3a80
8471318.15ac: NT Headers: 0xf8
8481318.15ac: Timestamp: 0x5da6282c
8491318.15ac: Machine: 0x8664 - amd64
8501318.15ac: Timestamp: 0x5da6282c
8511318.15ac: Image Version: 6.1
8521318.15ac: SizeOfImage: 0xf4000 (999424)
8531318.15ac: Resource Dir: 0xeb000 LB 0x33f8
8541318.15ac: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
8551318.15ac: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
8561318.15ac: ProductName: Coretech Delivery
8571318.15ac: ProductVersion: 30.112.90.0
8581318.15ac: FileVersion: 30.112.90.0
8591318.15ac: FileDescription: Core System Interceptors [fre_win7_amd64]
8601318.15ac: \SystemRoot\System32\drivers\klim6.sys:
8611318.15ac: CreationTime: 2019-03-19T06:21:06.000000000Z
8621318.15ac: LastWriteTime: 2019-03-19T06:21:06.000000000Z
8631318.15ac: ChangeTime: 2019-12-08T16:20:27.739836100Z
8641318.15ac: FileAttributes: 0x20
8651318.15ac: Size: 0xe350
8661318.15ac: NT Headers: 0xe0
8671318.15ac: Timestamp: 0x54ad405e
8681318.15ac: Machine: 0x8664 - amd64
8691318.15ac: Timestamp: 0x54ad405e
8701318.15ac: Image Version: 6.1
8711318.15ac: SizeOfImage: 0xb000 (45056)
8721318.15ac: Resource Dir: 0x9000 LB 0x430
8731318.15ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8741318.15ac: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
8751318.15ac: ProductName: Coretech Delivery
8761318.15ac: ProductVersion: 30.0.3724.0
8771318.15ac: FileVersion: 30.0.3724.0
8781318.15ac: FileDescription: Packet Network Filter [fre_win7_amd64]
8791318.15ac: \SystemRoot\System32\drivers\klkbdflt.sys:
8801318.15ac: CreationTime: 2019-03-18T01:11:30.000000000Z
8811318.15ac: LastWriteTime: 2019-03-18T01:11:30.000000000Z
8821318.15ac: ChangeTime: 2019-12-08T16:20:28.208421300Z
8831318.15ac: FileAttributes: 0x20
8841318.15ac: Size: 0x13550
8851318.15ac: NT Headers: 0xf8
8861318.15ac: Timestamp: 0x79cc11d7
8871318.15ac: Machine: 0x8664 - amd64
8881318.15ac: Timestamp: 0x79cc11d7
8891318.15ac: Image Version: 6.1
8901318.15ac: SizeOfImage: 0x12000 (73728)
8911318.15ac: Resource Dir: 0x10000 LB 0x438
8921318.15ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8931318.15ac: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
8941318.15ac: ProductName: Coretech Delivery
8951318.15ac: ProductVersion: 30.0.3716.0
8961318.15ac: FileVersion: 30.0.3716.0
8971318.15ac: FileDescription: Keyboard Device Filter [fre_win7_amd64]
8981318.15ac: \SystemRoot\System32\drivers\klmouflt.sys:
8991318.15ac: CreationTime: 2019-03-18T00:50:34.000000000Z
9001318.15ac: LastWriteTime: 2019-03-18T00:50:34.000000000Z
9011318.15ac: ChangeTime: 2019-12-08T16:20:28.101288000Z
9021318.15ac: FileAttributes: 0x20
9031318.15ac: Size: 0xe878
9041318.15ac: NT Headers: 0xe8
9051318.15ac: Timestamp: 0xab7b625
9061318.15ac: Machine: 0x8664 - amd64
9071318.15ac: Timestamp: 0xab7b625
9081318.15ac: Image Version: 6.1
9091318.15ac: SizeOfImage: 0xe000 (57344)
9101318.15ac: Resource Dir: 0xc000 LB 0x430
9111318.15ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
9121318.15ac: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
9131318.15ac: ProductName: Coretech Delivery
9141318.15ac: ProductVersion: 30.0.3716.0
9151318.15ac: FileVersion: 30.0.3716.0
9161318.15ac: FileDescription: Mouse Device Filter [fre_win7_amd64]
9171318.15ac: \SystemRoot\System32\drivers\kneps.sys:
9181318.15ac: CreationTime: 2019-03-19T01:31:38.000000000Z
9191318.15ac: LastWriteTime: 2019-03-19T01:31:38.000000000Z
9201318.15ac: ChangeTime: 2019-12-08T16:20:27.146094700Z
9211318.15ac: FileAttributes: 0x20
9221318.15ac: Size: 0x38b50
9231318.15ac: NT Headers: 0x108
9241318.15ac: Timestamp: 0x7aa255dc
9251318.15ac: Machine: 0x8664 - amd64
9261318.15ac: Timestamp: 0x7aa255dc
9271318.15ac: Image Version: 6.1
9281318.15ac: SizeOfImage: 0x38000 (229376)
9291318.15ac: Resource Dir: 0x35000 LB 0x428
9301318.15ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
9311318.15ac: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
9321318.15ac: ProductName: Coretech Delivery
9331318.15ac: ProductVersion: 30.0.3731.0
9341318.15ac: FileVersion: 30.0.3731.0
9351318.15ac: FileDescription: Network Processor [fre_win7_amd64]
9361318.15ac: \SystemRoot\System32\klfphc.dll:
9371318.15ac: CreationTime: 2015-02-09T20:31:05.379965500Z
9381318.15ac: LastWriteTime: 2013-05-06T07:13:26.000000000Z
9391318.15ac: ChangeTime: 2019-12-08T16:20:15.921881400Z
9401318.15ac: FileAttributes: 0x20
9411318.15ac: Size: 0x1ae60
9421318.15ac: NT Headers: 0xe8
9431318.15ac: Timestamp: 0x51873bf2
9441318.15ac: Machine: 0x8664 - amd64
9451318.15ac: Timestamp: 0x51873bf2
9461318.15ac: Image Version: 0.0
9471318.15ac: SizeOfImage: 0x1d000 (118784)
9481318.15ac: Resource Dir: 0x18000 LB 0x3c80
9491318.15ac: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
9501318.15ac: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
9511318.15ac: ProductName: Kaspersky™ Anti-Virus ®
9521318.15ac: ProductVersion: 1.0.0.12
9531318.15ac: FileVersion: 1.0.0.12
9541318.15ac: FileDescription: Filtering Platform Helper Class
9551318.15ac: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Programs\VirtualBox'
9561318.15ac: Calling main()
9571318.15ac: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
9581318.15ac: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Programs\VirtualBox'
9591318.15ac: '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
9601318.15ac: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe)
9611318.15ac: SUPR3HardenedMain: Final process, opening VBoxDrv...
9621318.15ac: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001210000 LB 0x400000)
9631318.15ac: supR3HardNtEnableThreadCreationEx:
9641318.15ac: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll)
9651318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll
9661318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
9671318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
9681318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcd93e0000 LB 0x00005000 C:\Programs\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
9691318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
9701318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
9711318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9721318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd93e0000 'C:\Programs\VirtualBox\VBoxSupLib.DLL'
9731318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
9741318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9751318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd93e0000 'C:\Programs\VirtualBox\VBoxSupLib.DLL'
9761318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd93e0000 'C:\Programs\VirtualBox\VBoxSupLib.DLL'
9771318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9781318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'crypt32.dll'.
9791318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'msasn1.dll'.
9801318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
9811318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
9821318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
9831318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9841318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9851318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'sspicli.dll'.
9861318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
9871318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
9881318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
9891318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
9901318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
9911318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
9921318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
9931318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
9941318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
9951318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'msasn1.dll'.
9961318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
9971318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
9981318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
9991318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10001318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
10011318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
10021318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
10031318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
10041318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
10051318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10061318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10071318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10081318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sspicli.dll'...
10091318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'sspicli.dll' -> '\Device\HarddiskVolume2\Windows\System32\sspicli.dll' [rcNtRedir=0xc0150008]
10101318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
10111318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sspicli.dll)
10121318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sspicli.dll
10131318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10141318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10151318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10161318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10171318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10181318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
10191318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
10201318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
10211318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdecd0000 LB 0x000aa000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
10221318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10231318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde690000 LB 0x00011000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
10241318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
10251318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde840000 LB 0x001df000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
10261318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
10271318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce08c0000 LB 0x00059000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
10281318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
10291318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde7b0000 LB 0x0002e000 C:\Windows\system32\SspiCli.dll [fFlags=0x0]
10301318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sspicli.dll [lacks WinVerifyTrust]
10311318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce0780000 LB 0x00140000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
10321318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10331318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde7e0000 LB 0x00051000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
10341318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10351318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\system32\Wintrust.dll'
10361318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
10371318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
10381318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10391318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10401318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10411318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10421318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
10431318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde190000 LB 0x00026000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
10441318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
10451318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde190000 'C:\Windows\system32\bcrypt.dll'
10461318.15ac: bcrypt.dll loaded at 00007ffcde190000, BCryptOpenAlgorithmProvider at 00007ffcde193490, preloading providers:
10471318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
10481318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
10491318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10501318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
10511318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde4b0000 LB 0x00063000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
10521318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
10531318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde4b0000 'C:\Windows\system32\bcryptprimitives.dll'
10541318.15ac: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000017e9cb0)
10551318.15ac: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000017ea010)
10561318.15ac: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000017ea140)
10571318.15ac: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000017ea270)
10581318.15ac: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000017eb3b0)
10591318.15ac: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000017eb4e0)
10601318.15ac: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000017eb730)
10611318.15ac: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000017eb860)
10621318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10631318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10641318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
10651318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10661318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10671318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
10681318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10691318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10701318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
10711318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10721318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10731318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
10741318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10751318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10761318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
10771318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10781318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10791318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
10801318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10811318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
10821318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
10831318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
10841318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcddf40000 LB 0x00020000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
10851318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
10861318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcrypt.dll'.
10871318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
10881318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
10891318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
10901318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
10911318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
10921318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10931318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
10941318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcddb10000 LB 0x00036000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
10951318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
10961318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
10971318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
10981318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
10991318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
11001318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde520000 LB 0x0000b000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
11011318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
11021318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
11031318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
11041318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
11051318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
11061318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11071318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce0920000 'C:\Windows\system32\kernel32.dll'
11081318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
11091318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
11101318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
11111318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11121318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\CRYPT32.dll'
11131318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce1240000 LB 0x00016000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
11141318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11151318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
11161318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
11171318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11181318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11191318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11201318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11211318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11221318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
11231318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'bcrypt.dll'.
11241318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ntasn1.dll'.
11251318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
11261318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
11271318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntasn1.dll)
11281318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntasn1.dll
11291318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde120000 LB 0x00037000 C:\Windows\SYSTEM32\NTASN1.dll [fFlags=0x0]
11301318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntasn1.dll [lacks WinVerifyTrust]
11311318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde160000 LB 0x00025000 C:\Windows\SYSTEM32\ncrypt.dll [fFlags=0x0]
11321318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
11331318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11341318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
11351318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
11361318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
11371318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdd7b0000 LB 0x00024000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
11381318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
11391318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
11401318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
11411318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde5e0000 LB 0x00015000 C:\Windows\SYSTEM32\profapi.dll [fFlags=0x0]
11421318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
11431318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11441318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'crypt32.dll'.
11451318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'wldap32.dll'.
11461318.15ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
11471318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
11481318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
11491318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
11501318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11511318.15ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
11521318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
11531318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
11541318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
11551318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
11561318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11571318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11581318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11591318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11601318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11611318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11621318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11631318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11641318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11651318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntasn1.dll'...
11661318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\ntasn1.dll' [rcNtRedir=0xc0150008]
11671318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntasn1.dll [lacks WinVerifyTrust]
11681318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
11691318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
11701318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
11711318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11721318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11731318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11741318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11751318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11761318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce0660000 LB 0x0005c000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
11771318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
11781318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdc950000 LB 0x00033000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
11791318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11801318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11811318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11821318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
11831318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11841318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11851318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
11861318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11871318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11881318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
11891318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11901318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11911318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
11921318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11931318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11941318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
11951318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11961318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11971318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
11981318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11991318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
12001318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12011318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
12021318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12031318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
12041318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12051318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
12061318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12071318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
12081318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\system32\cryptnet.dll'
12091318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12101318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdc950000 'C:\Windows\System32\cryptnet.dll'
12111318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12121318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
12131318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
12141318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
12151318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
12161318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdeb50000 LB 0x000aa000 C:\Windows\SYSTEM32\advapi32.dll [fFlags=0x0]
12171318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
12181318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12191318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12201318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12211318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12221318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
12231318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume2\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
12241318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
12251318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12261318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12271318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
12281318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12291318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
12301318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
12311318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12321318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
12331318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
12341318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000017f5da0
12351318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
12361318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9144912ED87D4AFFD132555D0F6498A61B3046A8
12371318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12381318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12391318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce0780000 'C:\Windows\system32\rpcrt4.dll'
12401318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
12411318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
12421318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
12431318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
12441318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
12451318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
12461318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
12471318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
12481318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
12491318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
12501318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
12511318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12521318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
12531318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
12541318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\System32\WINTRUST.DLL'
12551318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12561318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12571318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
12581318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
12591318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12601318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
12611318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_993_for_KB4520005~31bf3856ad364e35~amd64~~6.3.1.11.cat'; file='\SystemRoot\System32\ntdll.dll'
12621318.15ac: g_pfnWinVerifyTrust=00007ffcde7e1050
12631318.15ac: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
12641318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12651318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12661318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
12671318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
12681318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12691318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
12701318.15ac: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
12711318.15ac: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
12721318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12731318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12741318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
12751318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
12761318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12771318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
12781318.15ac: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
12791318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12801318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12811318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
12821318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
12831318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
12841318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
12851318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000017f5da0
12861318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
12871318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C703EA5C53886AFFF727297D74E706540A242423
12881318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12891318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
12901318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
12911318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1341_for_KB4457129~31bf3856ad364e35~amd64~~6.3.1.7.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
12921318.15ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
12931318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
12941318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
12951318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000017f5da0
12961318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
12971318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7F501A7B907459FED689C7B6483581A8D309E60F
12981318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12991318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13001318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13011318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1341_for_KB4457129~31bf3856ad364e35~amd64~~6.3.1.7.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
13021318.15ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
13031318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
13041318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
13051318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13061318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13071318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
13081318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
13091318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13101318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13111318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
13121318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
13131318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13141318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13151318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ntasn1.dll'
13161318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
13171318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13181318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13191318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
13201318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
13211318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13221318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
13231318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13241318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13251318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
13261318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
13271318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13281318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13291318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13301318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
13311318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
13321318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13331318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13341318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
13351318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13361318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13371318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
13381318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13391318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13401318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
13411318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13421318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13431318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
13441318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13451318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13461318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
13471318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13481318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13491318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sspicli.dll'
13501318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13511318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13521318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
13531318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13541318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13551318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
13561318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13571318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13581318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
13591318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13601318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Programs\VirtualBox\VBoxSupLib.dll'
13611318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13621318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.exe'
13631318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13641318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13651318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
13661318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
13671318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13681318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
13691318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
13701318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x7306b78ef3afac00 OU=Created by http://www.fiddler2.com, O=DO_NOT_TRUST, CN=DO_NOT_TRUST_FiddlerRoot
13711318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x9a1d072db1a59400 O=3dtv.at, CN=3dtv.at Root
13721318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
13731318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
13741318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
13751318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
13761318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
13771318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x51fe414b27a6a400 CN=ZORT
13781318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
13791318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x73ee3cd0d666ab00 CN=USB\VID_0BDA&PID_2838&MI_00 (libwdi autogenerated)
13801318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xe3b405f3df50a900 O=Kaspersky Lab ZAO, CN=Kaspersky Anti-Virus Personal Root Certificate
13811318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
13821318.15ac: supR3HardenedWinIsDesiredRootCA: skipping - not-self-signed: C=BZ, ST=Belize, L=Belize city, O=Disc Soft Ltd, CN=Disc Soft Ltd, Email=finpr@disc-soft.com
13831318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
13841318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xb90ddbdbbfabe000 O=AO Kaspersky Lab, CN=Kaspersky Anti-Virus Personal Root Certificate
13851318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
13861318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x4a25c87eb933b700 C=RO, O=certSIGN, OU=certSIGN ROOT CA
13871318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xa12b07674f1bf600 C=US, O=AffirmTrust, CN=AffirmTrust Commercial
13881318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x75a2ccecb8259a00 C=TW, O=Government Root Certification Authority
13891318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA
13901318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
13911318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x91e3728b8b40d000 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO Certification Authority
13921318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
13931318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x50bb81640c01cb00 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
13941318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
13951318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
13961318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
13971318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
13981318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2
13991318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
14001318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
14011318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
14021318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
14031318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
14041318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
14051318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
14061318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x1591b8ac8dcabd00 C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
14071318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x85d60900c4a3a200 C=SK, L=Bratislava, O=Disig a.s., CN=CA Disig Root R2
14081318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
14091318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
14101318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
14111318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
14121318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
14131318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
14141318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x3178d37f87f1c400 C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2
14151318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
14161318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x4ef92ac43a0cd500 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
14171318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
14181318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
14191318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
14201318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
14211318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
14221318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
14231318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x802b3770cb00af00 C=EU, L=Madrid (see current address at www.camerfirma.com/address), SRN=A82743287, O=AC Camerfirma S.A., CN=Chambers of Commerce Root - 2008
14241318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
14251318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
14261318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
14271318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xc66d30927ebce400 C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority
14281318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
14291318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
14301318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
14311318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
14321318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
14331318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
14341318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
14351318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
14361318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xd407c1f75ec7d700 C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA
14371318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
14381318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
14391318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
14401318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
14411318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
14421318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x3b2a6f973b859500 CN=Atos TrustedRoot 2011, O=Atos, C=DE
14431318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
14441318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
14451318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
14461318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
14471318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign
14481318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
14491318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
14501318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
14511318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
14521318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xa8b43f38c3f7b100 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Hardware
14531318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
14541318.15ac: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
14551318.15ac: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=84
14561318.15ac: SUPR3HardenedMain: Load Runtime...
14571318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
14581318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
14591318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
14601318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
14611318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
14621318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll) WinVerifyTrust
14631318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
14641318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
14651318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
14661318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
14671318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
14681318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'nsi.dll'.
14691318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
14701318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
14711318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
14721318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14731318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14741318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
14751318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14761318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14771318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
14781318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14791318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14801318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
14811318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
14821318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
14831318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\nsi.dll'.
14841318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)
14851318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
14861318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14871318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
14881318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
14891318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll) WinVerifyTrust
14901318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
14911318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14921318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14931318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14941318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14951318.15ac: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll'.
14961318.15ac: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll)
14971318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll
14981318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
14991318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll) WinVerifyTrust
15001318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
15011318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15021318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
15031318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
15041318.15ac: supR3HardenedDllNotificationCallback: load 00000000536e0000 LB 0x000d2000 C:\Programs\VirtualBox\MSVCR100.dll [fFlags=0x0]
15051318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
15061318.15ac: supR3HardenedDllNotificationCallback: load 0000000052b60000 LB 0x00098000 C:\Programs\VirtualBox\MSVCP100.dll [fFlags=0x0]
15071318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
15081318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdeb40000 LB 0x00009000 C:\Windows\system32\NSI.dll [fFlags=0x0]
15091318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
15101318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce0420000 LB 0x0005a000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
15111318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
15121318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcc19f0000 LB 0x005e2000 C:\Programs\VirtualBox\VBoxRT.dll [fFlags=0x0]
15131318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15141318.15ac: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll'.
15151318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rescheduled]
15161318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\nsi.dll'.
15171318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rescheduled]
15181318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15191318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15201318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15211318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15221318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15231318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15241318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15251318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15261318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15271318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15281318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15291318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15301318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15311318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15321318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15331318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15341318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15351318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15361318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15371318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15381318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15391318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15401318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15411318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15421318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15431318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15441318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15451318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15461318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15471318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15481318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15491318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15501318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15511318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15521318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15531318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15541318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15551318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15561318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15571318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15581318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15591318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15601318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15611318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxRT.dll
15621318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15631318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15641318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15651318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15661318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc19f0000 'C:\Programs\VirtualBox\VBoxRT.dll'
15671318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde7e0000 'C:\Windows\system32\Wintrust.dll'
15681318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
15691318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
15701318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
15711318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
15721318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15731318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
15741318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
15751318.15ac: SUPR3HardenedMain: Load TrustedMain...
15761318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
15771318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
15781318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxglobal.dll'.
15791318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
15801318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
15811318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
15821318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
15831318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
15841318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
15851318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
15861318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
15871318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
15881318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
15891318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
15901318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
15911318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.dll
15921318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
15931318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
15941318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
15951318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
15961318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
15971318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
15981318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'user32.dll'.
15991318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
16001318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
16011318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16021318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
16031318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16041318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16051318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
16061318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'gdi32.dll'.
16071318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
16081318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
16091318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16101318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16111318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
16121318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
16131318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
16141318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
16151318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
16161318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'devobj.dll'.
16171318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmmbase.dll)
16181318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmmbase.dll
16191318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
16201318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
16211318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\devobj.dll'.
16221318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16231318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
16241318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll)
16251318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
16261318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16271318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16281318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16291318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16301318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
16311318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'user32.dll'.
16321318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
16331318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
16341318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16351318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16361318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
16371318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
16381318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
16391318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
16401318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
16411318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
16421318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16431318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16441318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
16451318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
16461318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16471318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
16481318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
16491318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) WinVerifyTrust
16501318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
16511318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16521318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16531318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16541318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16551318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
16561318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
16571318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
16581318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16591318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
16601318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\combase.dll)
16611318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\combase.dll
16621318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16631318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16641318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16651318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16661318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16671318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16681318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
16691318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
16701318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
16711318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
16721318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'gdi32.dll'.
16731318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
16741318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'.
16751318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) WinVerifyTrust
16761318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
16771318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16781318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16791318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [redoing WinVerifyTrust]
16801318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
16811318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
16821318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
16831318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16841318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16851318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
16861318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16871318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16881318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
16891318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16901318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16911318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16921318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16931318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
16941318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
16951318.15ac: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
16961318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
16971318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
16981318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
16991318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
17001318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
17011318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
17021318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
17031318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
17041318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\Qt5OpenGLVBox.dll
17051318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
17061318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
17071318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17081318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17091318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
17101318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17111318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17121318.15ac: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll'.
17131318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
17141318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
17151318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
17161318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
17171318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
17181318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
17191318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
17201318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
17211318.15ac: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll)
17221318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll
17231318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
17241318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
17251318.15ac: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll'.
17261318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
17271318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
17281318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
17291318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
17301318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
17311318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
17321318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
17331318.15ac: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll)
17341318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll
17351318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
17361318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
17371318.15ac: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll'.
17381318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
17391318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
17401318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
17411318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
17421318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
17431318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
17441318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
17451318.15ac: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll)
17461318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll
17471318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17481318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17491318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
17501318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17511318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17521318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
17531318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
17541318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
17551318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
17561318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17571318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'user32.dll'.
17581318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'shlwapi.dll'.
17591318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #59 'gdi32.dll'.
17601318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)
17611318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
17621318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17631318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17641318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
17651318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
17661318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
17671318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
17681318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17691318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17701318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17711318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17721318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17731318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
17741318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17751318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17761318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
17771318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17781318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17791318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
17801318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17811318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17821318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
17831318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17841318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17851318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
17861318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17871318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17881318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
17891318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
17901318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
17911318.15ac: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'.
17921318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17931318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
17941318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
17951318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
17961318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
17971318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
17981318.15ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)
17991318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
18001318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18011318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18021318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
18031318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
18041318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
18051318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
18061318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
18071318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
18081318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
18091318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
18101318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
18111318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
18121318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mpr.dll)
18131318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll
18141318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
18151318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
18161318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
18171318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18181318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18191318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
18201318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18211318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18221318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
18231318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
18241318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
18251318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
18261318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18271318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18281318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18291318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18301318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18311318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18321318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
18331318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
18341318.15ac: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\ddraw.dll'.
18351318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18361318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'user32.dll'.
18371318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'gdi32.dll'.
18381318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'dciman32.dll'.
18391318.15ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll)
18401318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
18411318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
18421318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
18431318.15ac: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
18441318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18451318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
18461318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
18471318.15ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)
18481318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
18491318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18501318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18511318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18521318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18531318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18541318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
18551318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18561318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18571318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18581318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18591318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18601318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
18611318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
18621318.15ac: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
18631318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
18641318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
18651318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
18661318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
18671318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
18681318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18691318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18701318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
18711318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18721318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18731318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18741318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18751318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18761318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18771318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18781318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18791318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18801318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
18811318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18821318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18831318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
18841318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
18851318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
18861318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18871318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18881318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
18891318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
18901318.15ac: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
18911318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18921318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
18931318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
18941318.15ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll)
18951318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
18961318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18971318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18981318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18991318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19001318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19011318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19021318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19031318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19041318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19051318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19061318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19071318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
19081318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19091318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19101318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
19111318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
19121318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
19131318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
19141318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
19151318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
19161318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
19171318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
19181318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
19191318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
19201318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
19211318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
19221318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19231318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19241318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
19251318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
19261318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
19271318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
19281318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
19291318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
19301318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
19311318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
19321318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
19331318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
19341318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
19351318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
19361318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
19371318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19381318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19391318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19401318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19411318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
19421318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
19431318.15ac: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll'
19441318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
19451318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
19461318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
19471318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
19481318.15ac: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll'
19491318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19501318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19511318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
19521318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
19531318.15ac: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll'
19541318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
19551318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
19561318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
19571318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19581318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19591318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxglobal.dll'...
19601318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxglobal.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\vboxglobal.dll' [rcNtRedir=0xc0150008]
19611318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
19621318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
19631318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
19641318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
19651318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
19661318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
19671318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
19681318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
19691318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
19701318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
19711318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
19721318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VBoxGlobal.dll) WinVerifyTrust
19731318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VBoxGlobal.dll
19741318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
19751318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
19761318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
19771318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000490 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
19781318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000017f5da0
19791318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
19801318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2C6D4490D969C3233E8843AD4B11DB3F390C0B16
19811318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19821318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19831318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19841318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
19851318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
19861318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19871318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
19881318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
19891318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19901318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
19911318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
19921318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19931318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19941318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
19951318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
19961318.15ac: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
19971318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
19981318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
19991318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll
20001318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
20011318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
20021318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll
20031318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20041318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20051318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20061318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20071318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
20081318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
20091318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1537_for_KB3000850~31bf3856ad364e35~amd64~~6.3.1.8.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
20101318.15ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20111318.15ac: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
20121318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
20131318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.dll
20141318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
20151318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxGlobal.dll
20161318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll
20171318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll
20181318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
20191318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5OpenGLVBox.dll
20201318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
20211318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
20221318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
20231318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
20241318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [avoiding WinVerifyTrust]
20251318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
20261318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
20271318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
20281318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
20291318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce0ea0000 LB 0x00177000 C:\Windows\system32\USER32.dll [fFlags=0x0]
20301318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce1260000 LB 0x0014c000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
20311318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
20321318.15ac: supR3HardenedDllNotificationCallback: load 00007ffccd730000 LB 0x00009000 C:\Windows\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
20331318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
20341318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcc1160000 LB 0x000f8000 C:\Windows\SYSTEM32\DDRAW.dll [fFlags=0x0]
20351318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
20361318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcd0a00000 LB 0x0002e000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
20371318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
20381318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcc1260000 LB 0x0012b000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
20391318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
20401318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce1020000 LB 0x00210000 C:\Windows\SYSTEM32\combase.dll [fFlags=0x0]
20411318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [avoiding WinVerifyTrust]
20421318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce0e40000 LB 0x00054000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
20431318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [avoiding WinVerifyTrust]
20441318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdeef0000 LB 0x0152b000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
20451318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
20461318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce0a60000 LB 0x00194000 C:\Windows\system32\ole32.dll [fFlags=0x0]
20471318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
20481318.15ac: supR3HardenedDllNotificationCallback: load 00007ffccd740000 LB 0x0001e000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0]
20491318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
20501318.15ac: supR3HardenedDllNotificationCallback: load 0000000053170000 LB 0x00565000 C:\Programs\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
20511318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll
20521318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcc13f0000 LB 0x005f7000 C:\Programs\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
20531318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll
20541318.15ac: supR3HardenedDllNotificationCallback: load 0000000052c00000 LB 0x00561000 C:\Programs\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
20551318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
20561318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdec00000 LB 0x000c7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
20571318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
20581318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcbe630000 LB 0x02387000 C:\Programs\VirtualBox\VBoxGlobal.dll [fFlags=0x0]
20591318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxGlobal.dll
20601318.15ac: supR3HardenedDllNotificationCallback: load 0000000053870000 LB 0x00054000 C:\Programs\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
20611318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5OpenGLVBox.dll
20621318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcde760000 LB 0x0004f000 C:\Windows\SYSTEM32\cfgmgr32.dll [fFlags=0x0]
20631318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
20641318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdd410000 LB 0x00028000 C:\Windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
20651318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
20661318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcd95f0000 LB 0x0002a000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
20671318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
20681318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcd9620000 LB 0x00022000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
20691318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
20701318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcd8eb0000 LB 0x00188000 C:\Programs\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
20711318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VirtualBoxVM.dll
20721318.15ac: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\dciman32.dll'.
20731318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rescheduled]
20741318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
20751318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
20761318.15ac: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
20771318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
20781318.15ac: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\ddraw.dll'.
20791318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rescheduled]
20801318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
20811318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
20821318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
20831318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
20841318.15ac: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll'.
20851318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Programs\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20861318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
20871318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
20881318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
20891318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
20901318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
20911318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
20921318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\devobj.dll'.
20931318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rescheduled]
20941318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
20951318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
20961318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\imm32.dll'.
20971318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
20981318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'msctf.dll'.
20991318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
21001318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
21011318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
21021318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
21031318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msctf.dll'.
21041318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21051318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
21061318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
21071318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'imm32.dll'.
21081318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
21091318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
21101318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21111318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21121318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
21131318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
21141318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
21151318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [redoing WinVerifyTrust]
21161318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\imm32.dll'.
21171318.15ac: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\imm32.dll
21181318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21191318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21201318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
21211318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
21221318.15ac: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\gdi32.dll
21231318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21241318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21251318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21261318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21271318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
21281318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
21291318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcded80000 LB 0x00152000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
21301318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [avoiding WinVerifyTrust]
21311318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce13b0000 LB 0x00036000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
21321318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
21331318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce13b0000 'C:\Windows\system32\IMM32.DLL'
21341318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msctf.dll'.
21351318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rescheduled]
21361318.15ac: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\imm32.dll'.
21371318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rescheduled]
21381318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
21391318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21401318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdeb50000 'C:\Windows\system32\ADVAPI32.DLL'
21411318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd8eb0000 'C:\Programs\VirtualBox\VirtualBoxVM.dll'
21421318.15ac: SUPR3HardenedMain: Calling TrustedMain (00007ffcd8eb16c0)...
21431318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21441318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'combase.dll'.
21451318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\SHCore.dll)
21461318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\SHCore.dll
21471318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdcb70000 LB 0x000b2000 C:\Windows\SYSTEM32\SHCORE.dll [fFlags=0x0]
21481318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll [avoiding WinVerifyTrust]
21491318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
21501318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
21511318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
21521318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21531318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21541318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
21551318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
21561318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'
21571318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
21581318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
21591318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
21601318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
21611318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
21621318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
21631318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
21641318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
21651318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
21661318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
21671318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
21681318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
21691318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
21701318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\platforms\qwindows.dll
21711318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
21721318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
21731318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
21741318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
21751318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5CoreVBox.dll
21761318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
21771318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
21781318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\Qt5GuiVBox.dll
21791318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21801318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
21811318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
21821318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
21831318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
21841318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [redoing WinVerifyTrust]
21851318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
21861318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
21871318.15ac: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
21881318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21891318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
21901318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
21911318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
21921318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
21931318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
21941318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
21951318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
21961318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [redoing WinVerifyTrust]
21971318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
21981318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
21991318.15ac: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
22001318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22011318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
22021318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
22031318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
22041318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
22051318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22061318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22071318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
22081318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
22091318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
22101318.15ac: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
22111318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22121318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\platforms\qwindows.dll
22131318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcc1030000 LB 0x0012e000 C:\Programs\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
22141318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\platforms\qwindows.dll
22151318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc1030000 'C:\Programs\VirtualBox\platforms\qwindows.dll'
22161318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
22171318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
22181318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll)
22191318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll
22201318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdd460000 LB 0x0000b000 C:\Windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
22211318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
22221318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22231318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22241318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22251318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22261318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
22271318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
22281318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'
22291318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007c4 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22301318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000017f5da0
22311318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
22321318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=838F7D43C262A37C4054028F21459B37D8042774
22331318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
22341318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
22351318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1057_for_KB4487000~31bf3856ad364e35~amd64~~6.3.1.12.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
22361318.15ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22371318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22381318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
22391318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
22401318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) WinVerifyTrust
22411318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22421318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22431318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22441318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22451318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
22461318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22471318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22481318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
22491318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22501318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdd270000 LB 0x00129000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
22511318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22521318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdd270000 'C:\Windows\system32\uxtheme.dll'
22531318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22541318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
22551318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdd270000 'C:\Windows\system32\uxtheme.dll'
22561318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22571318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
22581318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdd270000 'C:\Windows\system32\uxtheme.dll'
22591318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22601318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
22611318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdd270000 'C:\Windows\system32\uxtheme.dll'
22621318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce0ea0000 'C:\Windows\system32\user32.dll'
22631318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
22641318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22651318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdeef0000 'C:\Windows\system32\shell32.dll'
22661318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll
22671318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22681318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdcb70000 'C:\Windows\system32\SHCore.dll'
22691318.15ac: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
22701318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
22711318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22721318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'user32.dll'.
22731318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'gdi32.dll'.
22741318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll)
22751318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
22761318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcdc920000 LB 0x00021000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
22771318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
22781318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22791318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22801318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22811318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
22821318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22831318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22841318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
22851318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
22861318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
22871318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
22881318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22891318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd9620000 'C:\Windows\system32\winmm.dll'
22901318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
22911318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22921318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd9620000 'C:\Windows\system32\winmm.dll'
22931318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
22941318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22951318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdeef0000 'C:\Windows\system32\shell32.dll'
22961318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
22971318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22981318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdd270000 'C:\Windows\system32\uxtheme.dll'
22991318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
23001318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23011318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdeb50000 'C:\Windows\system32\advapi32.dll'
23021318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
23031318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
23041318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23051318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
23061318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'profapi.dll'.
23071318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\userenv.dll) WinVerifyTrust
23081318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
23091318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
23101318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
23111318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll
23121318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23131318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23141318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23151318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23161318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23171318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
23181318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcddc20000 LB 0x00021000 C:\Windows\system32\userenv.dll [fFlags=0x0]
23191318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
23201318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddc20000 'C:\Windows\system32\userenv.dll'
23211318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
23221318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23231318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce0920000 'C:\Windows\system32\kernel32.dll'
23241318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23251318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
23261318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)
23271318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
23281318.15ac: supR3HardenedDllNotificationCallback: load 00007ffce13f0000 LB 0x000b6000 C:\Windows\SYSTEM32\clbcatq.dll [fFlags=0x0]
23291318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\clbcatq.dll [avoiding WinVerifyTrust]
23301318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23311318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23321318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23331318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23341318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
23351318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
23361318.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
23371318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
23381318.1614: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
23391318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23401318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
23411318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
23421318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
23431318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
23441318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
23451318.1614: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VBoxC.dll) WinVerifyTrust
23461318.1614: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VBoxC.dll
23471318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23481318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23491318.1614: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
23501318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23511318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23521318.1614: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
23531318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23541318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23551318.1614: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
23561318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23571318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
23581318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
23591318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
23601318.1614: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\msvcp100.dll
23611318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23621318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23631318.1614: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
23641318.1614: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxC.dll
23651318.1614: supR3HardenedDllNotificationCallback: load 00007ffcc0ba0000 LB 0x003a4000 C:\Programs\VirtualBox\VBoxC.dll [fFlags=0x0]
23661318.1614: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxC.dll
23671318.1614: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc0ba0000 'C:\Programs\VirtualBox\VBoxC.dll'
23681318.1614: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
23691318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23701318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
23711318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
23721318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
23731318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
23741318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
23751318.1614: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
23761318.1614: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
23771318.1614: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\VBoxProxyStub.dll
23781318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23791318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23801318.1614: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
23811318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23821318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23831318.1614: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
23841318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23851318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23861318.1614: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
23871318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
23881318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
23891318.1614: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [redoing WinVerifyTrust]
23901318.1614: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
23911318.1614: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
23921318.1614: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
23931318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23941318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23951318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23961318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
23971318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23981318.1614: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23991318.1614: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
24001318.1614: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxProxyStub.dll
24011318.1614: supR3HardenedDllNotificationCallback: load 00007ffcc0f50000 LB 0x000d5000 C:\Programs\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
24021318.1614: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\VBoxProxyStub.dll
24031318.1614: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc0f50000 'C:\Programs\VirtualBox\VBoxProxyStub.dll'
24041318.1614: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
24051318.1614: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
24061318.1614: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdec00000 'C:\Windows\System32\oleaut32.dll'
24071318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce1260000 'C:\Windows\system32\gdi32.dll'
24081318.17fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
24091318.17fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
24101318.17fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
24111318.17fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24121318.17fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
24131318.17fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24141318.17fc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
24151318.17fc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Programs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
24161318.17fc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Programs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
24171318.17fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24181318.17fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24191318.17fc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24201318.17fc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24211318.17fc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Programs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24221318.17fc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
24231318.17fc: supR3HardenedDllNotificationCallback: load 00007ffcd93d0000 LB 0x0000e000 C:\Programs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [fFlags=0x0]
24241318.17fc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Programs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
24251318.17fc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd93d0000 'C:\Programs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
24261318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
24271318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24281318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdeef0000 'C:\Windows\system32\shell32.dll'
24291318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll
24301318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24311318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdcb70000 'C:\Windows\system32\Shcore.dll'
24321318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
24331318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
24341318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce0a60000 'C:\Windows\system32\ole32.dll'
24351318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [redoing WinVerifyTrust]
24361318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
24371318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
24381318.15ac: supR3HardenedScreenImage/LdrLoadDll: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
24391318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
24401318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcded80000 'C:\Windows\system32\MSCTF.dll'
24411318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffce0a60000 'C:\Windows\system32\ole32.dll'
24421318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
24431318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24441318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdec00000 'C:\Windows\system32\OLEAUT32.dll'
24451318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b88 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
24461318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000017f5da0
24471318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
24481318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=04EFCDE79C9C08E1FD8BEFFD40B3F84081540926
24491318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
24501318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
24511318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2216_for_KB4499151~31bf3856ad364e35~amd64~~6.3.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll'
24521318.15ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24531318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24541318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
24551318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ws2_32.dll'.
24561318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'wbemcomn.dll'.
24571318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
24581318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
24591318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
24601318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
24611318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c60 pwszName=\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
24621318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000017f5da0
24631318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
24641318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D4473F7123F5F6CA98EA4E88D421C174F8C3E19B
24651318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
24661318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
24671318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIN8IP-Blue-Microsoft-Windows-WMI-onecoreadmin-Package~31bf3856ad364e35~amd64~~7.2.9600.16384.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
24681318.15ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24691318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24701318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
24711318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'bcrypt.dll'.
24721318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'ws2_32.dll'.
24731318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll) WinVerifyTrust
24741318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
24751318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24761318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24771318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
24781318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24791318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24801318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
24811318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24821318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24831318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
24841318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
24851318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
24861318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
24871318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
24881318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
24891318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24901318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24911318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24921318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24931318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
24941318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
24951318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
24961318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcd8ae0000 LB 0x00078000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
24971318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
24981318.15ac: supR3HardenedDllNotificationCallback: load 00007ffcd8bd0000 LB 0x0000e000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
24991318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
25001318.15ac: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
25011318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
25021318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdea20000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
25031318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd8bd0000 'C:\Windows\system32\wbem\wbemprox.dll'
25041318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d0c pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
25051318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000017f5da0
25061318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
25071318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0B2211AEC48C17EDB7C4F78F662CD010B67ABAD3
25081318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
25091318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
25101318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2216_for_KB4499151~31bf3856ad364e35~amd64~~6.3.1.9.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll'
25111318.15ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25121318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25131318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
25141318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
25151318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
25161318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
25171318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25181318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25191318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25201318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25211318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25221318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25231318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25241318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
25251318.15ac: supR3HardenedDllNotificationCallback: load 00007ffccf180000 LB 0x00013000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
25261318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
25271318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf180000 'C:\Windows\system32\wbem\wbemsvc.dll'
25281318.15ac: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
25291318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
25301318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdea20000 'api-ms-win-core-localization-l1-2-0.dll'
25311318.15ac: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
25321318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
25331318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcdea20000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
25341318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d1c pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
25351318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000017f5da0
25361318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000017f5da0
25371318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=792C55B9871385A91543457398D2DFBBA6EAEBC6
25381318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcddb10000 'C:\Windows\system32\rsaenh.dll'
25391318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcde840000 'C:\Windows\system32\crypt32.dll'
25401318.15ac: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\WIN8IP-Blue-Microsoft-Windows-WMI-onecoreadmin-Package~31bf3856ad364e35~amd64~~7.2.9600.16384.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll'
25411318.15ac: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25421318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25431318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'oleaut32.dll'.
25441318.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'wbemcomn.dll'.
25451318.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
25461318.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
25471318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
25481318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
25491318.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
25501318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25511318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25521318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25531318.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25541318.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25551318.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
25561318.15ac: supR3HardenedDllNotificationCallback: load 00007ffccf1a0000 LB 0x000d4000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
25571318.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
25581318.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf1a0000 'C:\Windows\system32\wbem\fastprox.dll'
25591318.15ac: supR3HardenedDllNotificationCallback: Unload 00007ffcd93d0000 LB 0x0000e000 C:\Programs\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [flags=0x0]
25601318.15ac: supR3HardenedDllNotificationCallback: Unload 00007ffccf1a0000 LB 0x000d4000 C:\Windows\system32\wbem\fastprox.dll [flags=0x0]
25611318.15ac: supR3HardenedDllNotificationCallback: Unload 00007ffccf180000 LB 0x00013000 C:\Windows\system32\wbem\wbemsvc.dll [flags=0x0]
25621318.15ac: supR3HardenedDllNotificationCallback: Unload 00007ffcd8bd0000 LB 0x0000e000 C:\Windows\system32\wbem\wbemprox.dll [flags=0x0]
25631318.15ac: supR3HardenedDllNotificationCallback: Unload 00007ffcd8ae0000 LB 0x00078000 C:\Windows\SYSTEM32\wbemcomn.dll [flags=0x0]
25641318.15ac: supR3HardenedDllNotificationCallback: Unload 00007ffcc0f50000 LB 0x000d5000 C:\Programs\VirtualBox\VBoxProxyStub.dll [flags=0x0]
25651318.15ac: supR3HardenedDllNotificationCallback: Unload 00007ffcc0ba0000 LB 0x003a4000 C:\Programs\VirtualBox\VBoxC.dll [flags=0x0]
25661318.15ac: Terminating the normal way: rcExit=0
25671324.1320: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 4072 ms, the end);
256817ec.1734: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 4684 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy