VirtualBox

Ticket #19324: Windows Server 2008 R2-2020-02-24-10-25-58 (VBoxHardening).log

File Windows Server 2008 R2-2020-02-24-10-25-58 (VBoxHardening).log, 453.4 KB (added by Mark Cranness, 5 years ago)
Line 
167fc.6058: Log file opened: 6.1.2r135662 g_hStartupLog=0000000000000094 g_uNtVerCombined=0xa047ba00
267fc.6058: \SystemRoot\System32\ntdll.dll:
367fc.6058: CreationTime: 2020-02-12T07:19:30.132238800Z
467fc.6058: LastWriteTime: 2020-02-12T07:19:30.162494800Z
567fc.6058: ChangeTime: 2020-02-12T07:26:33.159262200Z
667fc.6058: FileAttributes: 0x20
767fc.6058: Size: 0x1e8458
867fc.6058: NT Headers: 0xd8
967fc.6058: Timestamp: 0x64d10ee0
1067fc.6058: Machine: 0x8664 - amd64
1167fc.6058: Timestamp: 0x64d10ee0
1267fc.6058: Image Version: 10.0
1367fc.6058: SizeOfImage: 0x1f0000 (2031616)
1467fc.6058: Resource Dir: 0x17f000 LB 0x6f310
1567fc.6058: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1667fc.6058: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1767fc.6058: ProductName: Microsoft® Windows® Operating System
1867fc.6058: ProductVersion: 10.0.18362.657
1967fc.6058: FileVersion: 10.0.18362.657 (WinBuild.160101.0800)
2067fc.6058: FileDescription: NT Layer DLL
2167fc.6058: \SystemRoot\System32\kernel32.dll:
2267fc.6058: CreationTime: 2019-09-10T22:39:29.514755700Z
2367fc.6058: LastWriteTime: 2019-09-10T22:39:29.527443800Z
2467fc.6058: ChangeTime: 2020-02-12T07:19:59.588854400Z
2567fc.6058: FileAttributes: 0x20
2667fc.6058: Size: 0xb0570
2767fc.6058: NT Headers: 0xe8
2867fc.6058: Timestamp: 0xd0cecc10
2967fc.6058: Machine: 0x8664 - amd64
3067fc.6058: Timestamp: 0xd0cecc10
3167fc.6058: Image Version: 10.0
3267fc.6058: SizeOfImage: 0xb2000 (729088)
3367fc.6058: Resource Dir: 0xb0000 LB 0x520
3467fc.6058: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3567fc.6058: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3667fc.6058: ProductName: Microsoft® Windows® Operating System
3767fc.6058: ProductVersion: 10.0.18362.329
3867fc.6058: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
3967fc.6058: FileDescription: Windows NT BASE API Client DLL
4067fc.6058: \SystemRoot\System32\KernelBase.dll:
4167fc.6058: CreationTime: 2020-02-12T07:19:30.527518200Z
4267fc.6058: LastWriteTime: 2020-02-12T07:19:30.574366200Z
4367fc.6058: ChangeTime: 2020-02-12T07:26:32.300090000Z
4467fc.6058: FileAttributes: 0x20
4567fc.6058: Size: 0x2a3508
4667fc.6058: NT Headers: 0xf0
4767fc.6058: Timestamp: 0xf96f12ee
4867fc.6058: Machine: 0x8664 - amd64
4967fc.6058: Timestamp: 0xf96f12ee
5067fc.6058: Image Version: 10.0
5167fc.6058: SizeOfImage: 0x2a3000 (2764800)
5267fc.6058: Resource Dir: 0x27d000 LB 0x548
5367fc.6058: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5467fc.6058: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5567fc.6058: ProductName: Microsoft® Windows® Operating System
5667fc.6058: ProductVersion: 10.0.18362.628
5767fc.6058: FileVersion: 10.0.18362.628 (WinBuild.160101.0800)
5867fc.6058: FileDescription: Windows NT BASE API Client DLL
5967fc.6058: \SystemRoot\System32\apisetschema.dll:
6067fc.6058: CreationTime: 2019-03-19T04:43:54.837151500Z
6167fc.6058: LastWriteTime: 2019-03-19T04:43:54.837151500Z
6267fc.6058: ChangeTime: 2020-02-12T07:19:59.582022500Z
6367fc.6058: FileAttributes: 0x20
6467fc.6058: Size: 0x1d028
6567fc.6058: NT Headers: 0xc8
6667fc.6058: Timestamp: 0xd6ced080
6767fc.6058: Machine: 0x8664 - amd64
6867fc.6058: Timestamp: 0xd6ced080
6967fc.6058: Image Version: 10.0
7067fc.6058: SizeOfImage: 0x1e000 (122880)
7167fc.6058: Resource Dir: 0x1d000 LB 0x408
7267fc.6058: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7367fc.6058: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
7467fc.6058: ProductName: Microsoft® Windows® Operating System
7567fc.6058: ProductVersion: 10.0.18362.1
7667fc.6058: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
7767fc.6058: FileDescription: ApiSet Schema DLL
7867fc.6058: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7967fc.6058: supR3HardenedWinFindAdversaries: 0x80
8067fc.6058: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
8167fc.6058: CreationTime: 2018-09-06T04:58:57.414771000Z
8267fc.6058: LastWriteTime: 2018-09-27T21:40:37.008033600Z
8367fc.6058: ChangeTime: 2019-08-11T01:35:40.506356200Z
8467fc.6058: FileAttributes: 0x20
8567fc.6058: Size: 0x3f520
8667fc.6058: NT Headers: 0xf8
8767fc.6058: Timestamp: 0x5b568210
8867fc.6058: Machine: 0x8664 - amd64
8967fc.6058: Timestamp: 0x5b568210
9067fc.6058: Image Version: 10.0
9167fc.6058: SizeOfImage: 0x41000 (266240)
9267fc.6058: Resource Dir: 0x3f000 LB 0x3b8
9367fc.6058: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
9467fc.6058: [Raw version resource data: 0x3f060 LB 0x358, codepage 0x0 (reserved 0x0)]
9567fc.6058: ProductName: Malwarebytes SwissArmy
9667fc.6058: ProductVersion: 4.3.0.161
9767fc.6058: FileVersion: 4.3.0.161
9867fc.6058: FileDescription: Malwarebytes SwissArmy
9967fc.6058: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
10067fc.6058: Calling main()
10167fc.6058: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
10267fc.6058: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
10367fc.6058: SUPR3HardenedMain: Respawn #1
10467fc.6058: System32: \Device\HarddiskVolume4\Windows\System32
10567fc.6058: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
10667fc.6058: KnownDllPath: C:\WINDOWS\System32
10767fc.6058: supR3HardenedWinInit: Performing a limited self purification...
10867fc.6058: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
10967fc.6058: *0000000000000000-00000000006dffff 0x0001/0x0000 0x0000000
11067fc.6058: *00000000006e0000-00000000006effff 0x0004/0x0004 0x0040000
11167fc.6058: 00000000006f0000-00000000006fffff 0x0001/0x0000 0x0000000
11267fc.6058: *0000000000700000-000000000071afff 0x0002/0x0002 0x0040000
11367fc.6058: 000000000071b000-000000000071ffff 0x0001/0x0000 0x0000000
11467fc.6058: *0000000000720000-0000000000723fff 0x0002/0x0002 0x0040000
11567fc.6058: 0000000000724000-000000000072ffff 0x0001/0x0000 0x0000000
11667fc.6058: *0000000000730000-0000000000731fff 0x0004/0x0004 0x0020000
11767fc.6058: 0000000000732000-000000000073ffff 0x0001/0x0000 0x0000000
11867fc.6058: *0000000000740000-0000000000740fff 0x0004/0x0004 0x0020000
11967fc.6058: 0000000000741000-0000000000771fff 0x0000/0x0004 0x0020000
12067fc.6058: 0000000000772000-000000000077ffff 0x0001/0x0000 0x0000000
12167fc.6058: *0000000000780000-0000000000781fff 0x0004/0x0004 0x0020000
12267fc.6058: 0000000000782000-00000000007b1fff 0x0000/0x0004 0x0020000
12367fc.6058: 00000000007b2000-00000000007fffff 0x0001/0x0000 0x0000000
12467fc.6058: *0000000000800000-000000000097bfff 0x0000/0x0004 0x0020000
12567fc.6058: 000000000097c000-000000000097efff 0x0004/0x0004 0x0020000
12667fc.6058: 000000000097f000-00000000009fffff 0x0000/0x0004 0x0020000
12767fc.6058: *0000000000a00000-0000000000ab0fff 0x0000/0x0004 0x0020000
12867fc.6058: 0000000000ab1000-0000000000ab3fff 0x0104/0x0004 0x0020000
12967fc.6058: 0000000000ab4000-0000000000afffff 0x0004/0x0004 0x0020000
13067fc.6058: *0000000000b00000-0000000000bc6fff 0x0002/0x0002 0x0040000
13167fc.6058: 0000000000bc7000-0000000000c4ffff 0x0001/0x0000 0x0000000
13267fc.6058: *0000000000c50000-0000000000c60fff 0x0004/0x0004 0x0020000
13367fc.6058: 0000000000c61000-0000000000d4ffff 0x0000/0x0004 0x0020000
13467fc.6058: *0000000000d50000-0000000000d6cfff 0x0004/0x0004 0x0020000
13567fc.6058: 0000000000d6d000-0000000000e4ffff 0x0000/0x0004 0x0020000
13667fc.6058: 0000000000e50000-0000000000efffff 0x0001/0x0000 0x0000000
13767fc.6058: *0000000000f00000-0000000000f0efff 0x0004/0x0004 0x0020000
13867fc.6058: 0000000000f0f000-0000000000f0ffff 0x0000/0x0004 0x0020000
13967fc.6058: *0000000000f10000-0000000000f1dfff 0x0000/0x0004 0x0020000
14067fc.6058: 0000000000f1e000-000000000110efff 0x0004/0x0004 0x0020000
14167fc.6058: 000000000110f000-000000000110ffff 0x0000/0x0004 0x0020000
14267fc.6058: 0000000001110000-000000007ffdffff 0x0001/0x0000 0x0000000
14367fc.6058: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
14467fc.6058: 000000007ffe1000-000000007ffe9fff 0x0001/0x0000 0x0000000
14567fc.6058: *000000007ffea000-000000007ffeafff 0x0002/0x0002 0x0020000
14667fc.6058: 000000007ffeb000-00007ff430d0ffff 0x0001/0x0000 0x0000000
14767fc.6058: *00007ff430d10000-00007ff430d14fff 0x0002/0x0002 0x0040000
14867fc.6058: 00007ff430d15000-00007ff430e0ffff 0x0000/0x0002 0x0040000
14967fc.6058: *00007ff430e10000-00007ff530e2ffff 0x0000/0x0004 0x0020000
15067fc.6058: *00007ff530e30000-00007ff532e2ffff 0x0000/0x0004 0x0020000
15167fc.6058: 00007ff532e30000-00007ff532e30fff 0x0004/0x0004 0x0020000
15267fc.6058: 00007ff532e31000-00007ff532e3ffff 0x0001/0x0000 0x0000000
15367fc.6058: *00007ff532e40000-00007ff532e40fff 0x0002/0x0002 0x0040000
15467fc.6058: 00007ff532e41000-00007ff532e4ffff 0x0001/0x0000 0x0000000
15567fc.6058: *00007ff532e50000-00007ff532e72fff 0x0002/0x0002 0x0040000
15667fc.6058: 00007ff532e73000-00007ff65fc2ffff 0x0001/0x0000 0x0000000
15767fc.6058: *00007ff65fc30000-00007ff65fc30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
15867fc.6058: 00007ff65fc31000-00007ff65fca6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
15967fc.6058: 00007ff65fca7000-00007ff65fca7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16067fc.6058: 00007ff65fca8000-00007ff65fceffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16167fc.6058: 00007ff65fcf0000-00007ff65fcf2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16267fc.6058: 00007ff65fcf3000-00007ff65fcf5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16367fc.6058: 00007ff65fcf6000-00007ff65fcf8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16467fc.6058: 00007ff65fcf9000-00007ff65fcf9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16567fc.6058: 00007ff65fcfa000-00007ff65fcfbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16667fc.6058: 00007ff65fcfc000-00007ff65fcfcfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16767fc.6058: 00007ff65fcfd000-00007ff65fd45fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
16867fc.6058: 00007ff65fd46000-00007ffde239ffff 0x0001/0x0000 0x0000000
16967fc.6058: *00007ffde23a0000-00007ffde23a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apphelp.dll
17067fc.6058: 00007ffde23a1000-00007ffde23edfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apphelp.dll
17167fc.6058: 00007ffde23ee000-00007ffde240ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apphelp.dll
17267fc.6058: 00007ffde2410000-00007ffde2412fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apphelp.dll
17367fc.6058: 00007ffde2413000-00007ffde242efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\apphelp.dll
17467fc.6058: 00007ffde242f000-00007ffde43dffff 0x0001/0x0000 0x0000000
17567fc.6058: *00007ffde43e0000-00007ffde43e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
17667fc.6058: 00007ffde43e1000-00007ffde44e5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
17767fc.6058: 00007ffde44e6000-00007ffde4647fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
17867fc.6058: 00007ffde4648000-00007ffde464bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
17967fc.6058: 00007ffde464c000-00007ffde464cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
18067fc.6058: 00007ffde464d000-00007ffde4682fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
18167fc.6058: 00007ffde4683000-00007ffde54dffff 0x0001/0x0000 0x0000000
18267fc.6058: *00007ffde54e0000-00007ffde54e0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
18367fc.6058: 00007ffde54e1000-00007ffde5555fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
18467fc.6058: 00007ffde5556000-00007ffde5587fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
18567fc.6058: 00007ffde5588000-00007ffde5588fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
18667fc.6058: 00007ffde5589000-00007ffde5589fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
18767fc.6058: 00007ffde558a000-00007ffde5591fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
18867fc.6058: 00007ffde5592000-00007ffde729ffff 0x0001/0x0000 0x0000000
18967fc.6058: *00007ffde72a0000-00007ffde72a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
19067fc.6058: 00007ffde72a1000-00007ffde73b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
19167fc.6058: 00007ffde73b8000-00007ffde73fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
19267fc.6058: 00007ffde73ff000-00007ffde73fffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
19367fc.6058: 00007ffde7400000-00007ffde7401fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
19467fc.6058: 00007ffde7402000-00007ffde740afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
19567fc.6058: 00007ffde740b000-00007ffde748ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
19667fc.6058: 00007ffde7490000-00007ffffffeffff 0x0001/0x0000 0x0000000
19767fc.6058: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
19867fc.6058: kernelbase.dll: timestamp 0xf96f12ee (rc=VINF_SUCCESS)
19967fc.6058: apphelp.dll: timestamp 0xff74693c (rc=VINF_SUCCESS)
20067fc.6058: VirtualBoxVM.exe: timestamp 0x5e1f1d0f (rc=VINF_SUCCESS)
20167fc.6058: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
20267fc.6058: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
20367fc.6058: apphelp.dll: Differences in section #2 (.rdata) between file and memory:
20467fc.6058: 00007ffde23efe98 / 0x004fe98: 90 != e0
20567fc.6058: 00007ffde23efe99 / 0x004fe99: e1 != ed
20667fc.6058: 00007ffde23efe9a / 0x004fe9a: 45 != 4f
20767fc.6058: 00007ffde23efe9b / 0x004fe9b: e4 != e5
20867fc.6058: 00007ffde23efea0 / 0x004fea0: 00 != 50
20967fc.6058: 00007ffde23efea1 / 0x004fea1: 0a != 5e
21067fc.6058: 00007ffde23efea2 / 0x004fea2: 43 != 4f
21167fc.6058: 00007ffde23efea3 / 0x004fea3: e4 != e5
21267fc.6058: 00007ffde23efea8 / 0x004fea8: 00 != b0
21367fc.6058: 00007ffde23efea9 / 0x004fea9: 48 != 1d
21467fc.6058: 00007ffde23efeaa / 0x004feaa: 44 != 50
21567fc.6058: 00007ffde23efeab / 0x004feab: e4 != e5
21667fc.6058: 00007ffde23efeb1 / 0x004feb1: a7 != b7
21767fc.6058: 00007ffde23efeb2 / 0x004feb2: 44 != 4f
21867fc.6058: 00007ffde23efeb3 / 0x004feb3: e4 != e5
21967fc.6058: 00007ffde23efeb9 / 0x004feb9: 22 != 1d
22067fc.6058: 00007ffde23efeba / 0x004feba: 44 != 50
22167fc.6058: 00007ffde23efebb / 0x004febb: e4 != e5
22267fc.6058: 00007ffde23efec0 / 0x004fec0: 90 != 40
22367fc.6058: 00007ffde23efec1 / 0x004fec1: bc != be
22467fc.6058: 00007ffde23efec2 / 0x004fec2: 43 != 4f
22567fc.6058: 00007ffde23efec3 / 0x004fec3: e4 != e5
22667fc.6058: 00007ffde23efec8 / 0x004fec8: b0 != 60
22767fc.6058: 00007ffde23efec9 / 0x004fec9: 66 != a1
22867fc.6058: 00007ffde23efeca / 0x004feca: 44 != 4f
22967fc.6058: 00007ffde23efecb / 0x004fecb: e4 != e5
23067fc.6058: 00007ffde23efed8 / 0x004fed8: c0 != a0
23167fc.6058: 00007ffde23efed9 / 0x004fed9: 72 != a1
23267fc.6058: 00007ffde23efeda / 0x004feda: 40 != 4f
23367fc.6058: 00007ffde23efedb / 0x004fedb: e4 != e5
23467fc.6058: Restored 0x2000 bytes of original file content at 00007ffde23ee000
23567fc.6058: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=1
23667fc.6058: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
23767fc.6058: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
23867fc.6058: supR3HardNtEnableThreadCreationEx:
23967fc.6058: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffde73117f0 pvNtTerminateThread=00007ffde733cb10
24067fc.6058: supR3HardenedWinDoReSpawn(1): New child 5d34.7ed0 [kernel32].
24167fc.6058: supR3HardNtChildGatherData: PebBaseAddress=0000000000501000 cbPeb=0x388
24267fc.6058: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffde72a0000 uNtDllChildAddr=00007ffde72a0000
24367fc.6058: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffde73117f0
24467fc.6058: supR3HardenedWinSetupChildInit: Initial context:
245 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff65fc37900 rdx=0000000000501000
246 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
247 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
248 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
249 rip=00007ffde730ceb0 rsp=000000000034faf8 rbp=0000000000000000 ctxflags=0010001b
250 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
251 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
252 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
253 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
254 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
25567fc.6058: supR3HardenedWinSetupChildInit: Start child.
25667fc.6058: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
25767fc.6058: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 58 sleeps
25867fc.6058: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
25967fc.6058: *0000000000000000-000000000020ffff 0x0001/0x0000 0x0000000
26067fc.6058: *0000000000210000-000000000022ffff 0x0004/0x0004 0x0020000
26167fc.6058: *0000000000230000-000000000024afff 0x0002/0x0002 0x0040000
26267fc.6058: 000000000024b000-000000000024ffff 0x0001/0x0000 0x0000000
26367fc.6058: *0000000000250000-000000000034afff 0x0000/0x0004 0x0020000
26467fc.6058: 000000000034b000-000000000034dfff 0x0104/0x0004 0x0020000
26567fc.6058: 000000000034e000-000000000034ffff 0x0004/0x0004 0x0020000
26667fc.6058: *0000000000350000-0000000000353fff 0x0002/0x0002 0x0040000
26767fc.6058: 0000000000354000-000000000035ffff 0x0001/0x0000 0x0000000
26867fc.6058: *0000000000360000-0000000000361fff 0x0004/0x0004 0x0020000
26967fc.6058: 0000000000362000-00000000003fffff 0x0001/0x0000 0x0000000
27067fc.6058: *0000000000400000-0000000000500fff 0x0000/0x0004 0x0020000
27167fc.6058: 0000000000501000-0000000000503fff 0x0004/0x0004 0x0020000
27267fc.6058: 0000000000504000-00000000005fffff 0x0000/0x0004 0x0020000
27367fc.6058: 0000000000600000-000000007ffdffff 0x0001/0x0000 0x0000000
27467fc.6058: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
27567fc.6058: 000000007ffe1000-000000007ffe9fff 0x0001/0x0000 0x0000000
27667fc.6058: *000000007ffea000-000000007ffeafff 0x0002/0x0002 0x0020000
27767fc.6058: 000000007ffeb000-00007ff5f46affff 0x0001/0x0000 0x0000000
27867fc.6058: *00007ff5f46b0000-00007ff5f46b0fff 0x0002/0x0002 0x0040000
27967fc.6058: 00007ff5f46b1000-00007ff5f46bffff 0x0001/0x0000 0x0000000
28067fc.6058: *00007ff5f46c0000-00007ff5f46e2fff 0x0002/0x0002 0x0040000
28167fc.6058: 00007ff5f46e3000-00007ff65fc2ffff 0x0001/0x0000 0x0000000
28267fc.6058: *00007ff65fc30000-00007ff65fc30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
28367fc.6058: 00007ff65fc31000-00007ff65fca6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
28467fc.6058: 00007ff65fca7000-00007ff65fca7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
28567fc.6058: 00007ff65fca8000-00007ff65fceffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
28667fc.6058: 00007ff65fcf0000-00007ff65fcf0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
28767fc.6058: 00007ff65fcf1000-00007ff65fcf1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
28867fc.6058: 00007ff65fcf2000-00007ff65fcf6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
28967fc.6058: 00007ff65fcf7000-00007ff65fcf7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
29067fc.6058: 00007ff65fcf8000-00007ff65fcf8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
29167fc.6058: 00007ff65fcf9000-00007ff65fcfcfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
29267fc.6058: 00007ff65fcfd000-00007ff65fd45fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
29367fc.6058: 00007ff65fd46000-00007ffde729ffff 0x0001/0x0000 0x0000000
29467fc.6058: *00007ffde72a0000-00007ffde72a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
29567fc.6058: 00007ffde72a1000-00007ffde73b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
29667fc.6058: 00007ffde73b8000-00007ffde73fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
29767fc.6058: 00007ffde73ff000-00007ffde740afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
29867fc.6058: 00007ffde740b000-00007ffde7419fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
29967fc.6058: 00007ffde741a000-00007ffde741afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
30067fc.6058: 00007ffde741b000-00007ffde741dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
30167fc.6058: 00007ffde741e000-00007ffde748ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
30267fc.6058: 00007ffde7490000-00007ffffffeffff 0x0001/0x0000 0x0000000
30367fc.6058: supR3HardNtChildPurify: Done after 525 ms and 0 fixes (loop #0).
3045d34.7ed0: Log file opened: 6.1.2r135662 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
3055d34.7ed0: supR3HardenedVmProcessInit: uNtDllAddr=00007ffde72a0000 g_uNtVerCombined=0xa047ba00 (stack ~000000000034f588)
3065d34.7ed0: ntdll.dll: timestamp 0x64d10ee0 (rc=VINF_SUCCESS)
3075d34.7ed0: New simple heap: #1 0000000000700000 LB 0x400000 (for 2031616 allocation)
3085d34.7ed0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
3095d34.7ed0: System32: \Device\HarddiskVolume4\Windows\System32
3105d34.7ed0: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
31167fc.6058: supR3HardNtEnableThreadCreationEx:
3125d34.7ed0: KnownDllPath: C:\WINDOWS\System32
3135d34.7ed0: supR3HardenedVmProcessInit: Opening vboxdrv stub...
3145d34.7ed0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3155d34.7ed0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3165d34.7ed0: Registered Dll notification callback with NTDLL.
3175d34.7ed0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
3185d34.7ed0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
3195d34.7ed0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
3205d34.7ed0: supR3HardenedDllNotificationCallback: load 00007ffde43e0000 LB 0x002a3000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
3215d34.7ed0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
3225d34.7ed0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
3235d34.7ed0: supR3HardenedDllNotificationCallback: load 00007ffde54e0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
3245d34.7ed0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3255d34.7ed0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde54e0000 'C:\WINDOWS\System32\KERNEL32.DLL'
3265d34.7ed0: supR3HardenedDllNotificationCallback: load 00007ff65fc30000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
3275d34.7ed0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
3285d34.7ed0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
3295d34.7ed0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3305d34.7ed0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffde73117f0 pvNtTerminateThread=00007ffde733cb10
33167fc.6058: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 57 ms.
3325d34.7ed0: \SystemRoot\System32\ntdll.dll:
3335d34.7ed0: CreationTime: 2020-02-12T07:19:30.132238800Z
3345d34.7ed0: LastWriteTime: 2020-02-12T07:19:30.162494800Z
3355d34.7ed0: ChangeTime: 2020-02-12T07:26:33.159262200Z
3365d34.7ed0: FileAttributes: 0x20
3375d34.7ed0: Size: 0x1e8458
3385d34.7ed0: NT Headers: 0xd8
3395d34.7ed0: Timestamp: 0x64d10ee0
3405d34.7ed0: Machine: 0x8664 - amd64
3415d34.7ed0: Timestamp: 0x64d10ee0
3425d34.7ed0: Image Version: 10.0
3435d34.7ed0: SizeOfImage: 0x1f0000 (2031616)
3445d34.7ed0: Resource Dir: 0x17f000 LB 0x6f310
3455d34.7ed0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
3465d34.7ed0: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
3475d34.7ed0: ProductName: Microsoft® Windows® Operating System
3485d34.7ed0: ProductVersion: 10.0.18362.657
3495d34.7ed0: FileVersion: 10.0.18362.657 (WinBuild.160101.0800)
3505d34.7ed0: FileDescription: NT Layer DLL
3515d34.7ed0: \SystemRoot\System32\kernel32.dll:
3525d34.7ed0: CreationTime: 2019-09-10T22:39:29.514755700Z
3535d34.7ed0: LastWriteTime: 2019-09-10T22:39:29.527443800Z
3545d34.7ed0: ChangeTime: 2020-02-12T07:19:59.588854400Z
3555d34.7ed0: FileAttributes: 0x20
3565d34.7ed0: Size: 0xb0570
3575d34.7ed0: NT Headers: 0xe8
3585d34.7ed0: Timestamp: 0xd0cecc10
3595d34.7ed0: Machine: 0x8664 - amd64
3605d34.7ed0: Timestamp: 0xd0cecc10
3615d34.7ed0: Image Version: 10.0
3625d34.7ed0: SizeOfImage: 0xb2000 (729088)
3635d34.7ed0: Resource Dir: 0xb0000 LB 0x520
3645d34.7ed0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3655d34.7ed0: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3665d34.7ed0: ProductName: Microsoft® Windows® Operating System
3675d34.7ed0: ProductVersion: 10.0.18362.329
3685d34.7ed0: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
3695d34.7ed0: FileDescription: Windows NT BASE API Client DLL
3705d34.7ed0: \SystemRoot\System32\KernelBase.dll:
3715d34.7ed0: CreationTime: 2020-02-12T07:19:30.527518200Z
3725d34.7ed0: LastWriteTime: 2020-02-12T07:19:30.574366200Z
3735d34.7ed0: ChangeTime: 2020-02-12T07:26:32.300090000Z
3745d34.7ed0: FileAttributes: 0x20
3755d34.7ed0: Size: 0x2a3508
3765d34.7ed0: NT Headers: 0xf0
3775d34.7ed0: Timestamp: 0xf96f12ee
3785d34.7ed0: Machine: 0x8664 - amd64
3795d34.7ed0: Timestamp: 0xf96f12ee
3805d34.7ed0: Image Version: 10.0
3815d34.7ed0: SizeOfImage: 0x2a3000 (2764800)
3825d34.7ed0: Resource Dir: 0x27d000 LB 0x548
3835d34.7ed0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3845d34.7ed0: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
3855d34.7ed0: ProductName: Microsoft® Windows® Operating System
3865d34.7ed0: ProductVersion: 10.0.18362.628
3875d34.7ed0: FileVersion: 10.0.18362.628 (WinBuild.160101.0800)
3885d34.7ed0: FileDescription: Windows NT BASE API Client DLL
3895d34.7ed0: \SystemRoot\System32\apisetschema.dll:
3905d34.7ed0: CreationTime: 2019-03-19T04:43:54.837151500Z
3915d34.7ed0: LastWriteTime: 2019-03-19T04:43:54.837151500Z
3925d34.7ed0: ChangeTime: 2020-02-12T07:19:59.582022500Z
3935d34.7ed0: FileAttributes: 0x20
3945d34.7ed0: Size: 0x1d028
3955d34.7ed0: NT Headers: 0xc8
3965d34.7ed0: Timestamp: 0xd6ced080
3975d34.7ed0: Machine: 0x8664 - amd64
3985d34.7ed0: Timestamp: 0xd6ced080
3995d34.7ed0: Image Version: 10.0
4005d34.7ed0: SizeOfImage: 0x1e000 (122880)
4015d34.7ed0: Resource Dir: 0x1d000 LB 0x408
4025d34.7ed0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4035d34.7ed0: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
4045d34.7ed0: ProductName: Microsoft® Windows® Operating System
4055d34.7ed0: ProductVersion: 10.0.18362.1
4065d34.7ed0: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
4075d34.7ed0: FileDescription: ApiSet Schema DLL
4085d34.7ed0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
4095d34.7ed0: supR3HardenedWinFindAdversaries: 0x80
4105d34.7ed0: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
4115d34.7ed0: CreationTime: 2018-09-06T04:58:57.414771000Z
4125d34.7ed0: LastWriteTime: 2018-09-27T21:40:37.008033600Z
4135d34.7ed0: ChangeTime: 2019-08-11T01:35:40.506356200Z
4145d34.7ed0: FileAttributes: 0x20
4155d34.7ed0: Size: 0x3f520
4165d34.7ed0: NT Headers: 0xf8
4175d34.7ed0: Timestamp: 0x5b568210
4185d34.7ed0: Machine: 0x8664 - amd64
4195d34.7ed0: Timestamp: 0x5b568210
4205d34.7ed0: Image Version: 10.0
4215d34.7ed0: SizeOfImage: 0x41000 (266240)
4225d34.7ed0: Resource Dir: 0x3f000 LB 0x3b8
4235d34.7ed0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4245d34.7ed0: [Raw version resource data: 0x3f060 LB 0x358, codepage 0x0 (reserved 0x0)]
4255d34.7ed0: ProductName: Malwarebytes SwissArmy
4265d34.7ed0: ProductVersion: 4.3.0.161
4275d34.7ed0: FileVersion: 4.3.0.161
4285d34.7ed0: FileDescription: Malwarebytes SwissArmy
4295d34.7ed0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
4305d34.7ed0: Calling main()
4315d34.7ed0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
4325d34.7ed0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
4335d34.7ed0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
4345d34.7ed0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
4355d34.7ed0: SUPR3HardenedMain: Respawn #2
4365d34.7ed0: supR3HardNtEnableThreadCreationEx:
4375d34.7ed0: supR3HardenedDllNotificationCallback: load 00007ffde6df0000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
4385d34.7ed0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
4395d34.7ed0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
4405d34.7ed0: supR3HardenedDllNotificationCallback: load 00007ffde71c0000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
4415d34.7ed0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
4425d34.7ed0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
4435d34.7ed0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
4445d34.7ed0: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
4455d34.7ed0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll)
4465d34.7ed0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4475d34.7ed0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4485d34.7ed0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4495d34.7ed0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4505d34.7ed0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4515d34.7ed0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde72a0000 'C:\WINDOWS\System32\ntdll.dll'
4525d34.7ed0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\apphelp.dll)
4535d34.7ed0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\apphelp.dll
4545d34.7ed0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
4555d34.7ed0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4565d34.7ed0: supR3HardenedDllNotificationCallback: load 00007ffde23a0000 LB 0x0008f000 C:\WINDOWS\system32\apphelp.dll [fFlags=0x0]
4575d34.7ed0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
4585d34.7ed0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntdll.dll [lacks WinVerifyTrust]
4595d34.7ed0: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4605d34.7ed0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde72a0000 'C:\WINDOWS\System32\ntdll.dll'
4615d34.7ed0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde23a0000 'C:\WINDOWS\system32\apphelp.dll'
4625d34.7ed0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffde73117f0 pvNtTerminateThread=00007ffde733cb10
4635d34.7ed0: supR3HardenedWinDoReSpawn(2): New child 409c.acd4 [kernel32].
4645d34.7ed0: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
4655d34.7ed0: supR3HardNtChildGatherData: PebBaseAddress=000000000058f000 cbPeb=0x388
4665d34.7ed0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffde72a0000 uNtDllChildAddr=00007ffde72a0000
4675d34.7ed0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffde73117f0
4685d34.7ed0: supR3HardenedWinSetupChildInit: Initial context:
469 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff65fc37900 rdx=000000000058f000
470 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
471 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
472 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
473 rip=00007ffde730ceb0 rsp=00000000003dfcd8 rbp=0000000000000000 ctxflags=0010001b
474 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
475 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
476 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
477 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
478 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
4795d34.7ed0: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
4805d34.7ed0: supR3HardenedWinSetupChildInit: Start child.
4815d34.7ed0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
4825d34.7ed0: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 58 sleeps
4835d34.7ed0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
4845d34.7ed0: *0000000000000000-000000000029ffff 0x0001/0x0000 0x0000000
4855d34.7ed0: *00000000002a0000-00000000002bffff 0x0004/0x0004 0x0020000
4865d34.7ed0: *00000000002c0000-00000000002dafff 0x0002/0x0002 0x0040000
4875d34.7ed0: 00000000002db000-00000000002dffff 0x0001/0x0000 0x0000000
4885d34.7ed0: *00000000002e0000-00000000003dafff 0x0000/0x0004 0x0020000
4895d34.7ed0: 00000000003db000-00000000003ddfff 0x0104/0x0004 0x0020000
4905d34.7ed0: 00000000003de000-00000000003dffff 0x0004/0x0004 0x0020000
4915d34.7ed0: *00000000003e0000-00000000003e3fff 0x0002/0x0002 0x0040000
4925d34.7ed0: 00000000003e4000-00000000003effff 0x0001/0x0000 0x0000000
4935d34.7ed0: *00000000003f0000-00000000003f1fff 0x0004/0x0004 0x0020000
4945d34.7ed0: 00000000003f2000-00000000003fffff 0x0001/0x0000 0x0000000
4955d34.7ed0: *0000000000400000-000000000058efff 0x0000/0x0004 0x0020000
4965d34.7ed0: 000000000058f000-0000000000591fff 0x0004/0x0004 0x0020000
4975d34.7ed0: 0000000000592000-00000000005fffff 0x0000/0x0004 0x0020000
4985d34.7ed0: 0000000000600000-000000007ffdffff 0x0001/0x0000 0x0000000
4995d34.7ed0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
5005d34.7ed0: 000000007ffe1000-000000007ffe9fff 0x0001/0x0000 0x0000000
5015d34.7ed0: *000000007ffea000-000000007ffeafff 0x0002/0x0002 0x0020000
5025d34.7ed0: 000000007ffeb000-00007ff59c64ffff 0x0001/0x0000 0x0000000
5035d34.7ed0: *00007ff59c650000-00007ff59c650fff 0x0002/0x0002 0x0040000
5045d34.7ed0: 00007ff59c651000-00007ff59c65ffff 0x0001/0x0000 0x0000000
5055d34.7ed0: *00007ff59c660000-00007ff59c682fff 0x0002/0x0002 0x0040000
5065d34.7ed0: 00007ff59c683000-00007ff65fc2ffff 0x0001/0x0000 0x0000000
5075d34.7ed0: *00007ff65fc30000-00007ff65fc30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5085d34.7ed0: 00007ff65fc31000-00007ff65fca6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5095d34.7ed0: 00007ff65fca7000-00007ff65fca7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5105d34.7ed0: 00007ff65fca8000-00007ff65fceffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5115d34.7ed0: 00007ff65fcf0000-00007ff65fcf0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5125d34.7ed0: 00007ff65fcf1000-00007ff65fcf1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5135d34.7ed0: 00007ff65fcf2000-00007ff65fcf6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5145d34.7ed0: 00007ff65fcf7000-00007ff65fcf7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5155d34.7ed0: 00007ff65fcf8000-00007ff65fcf8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5165d34.7ed0: 00007ff65fcf9000-00007ff65fcfcfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5175d34.7ed0: 00007ff65fcfd000-00007ff65fd45fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5185d34.7ed0: 00007ff65fd46000-00007ffde729ffff 0x0001/0x0000 0x0000000
5195d34.7ed0: *00007ffde72a0000-00007ffde72a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
5205d34.7ed0: 00007ffde72a1000-00007ffde73b7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
5215d34.7ed0: 00007ffde73b8000-00007ffde73fefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
5225d34.7ed0: 00007ffde73ff000-00007ffde740afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
5235d34.7ed0: 00007ffde740b000-00007ffde7419fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
5245d34.7ed0: 00007ffde741a000-00007ffde741afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
5255d34.7ed0: 00007ffde741b000-00007ffde741dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
5265d34.7ed0: 00007ffde741e000-00007ffde748ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
5275d34.7ed0: 00007ffde7490000-00007ffffffeffff 0x0001/0x0000 0x0000000
5285d34.7ed0: VirtualBoxVM.exe: timestamp 0x5e1f1d0f (rc=VINF_SUCCESS)
5295d34.7ed0: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
5305d34.7ed0: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
5315d34.7ed0: supR3HardNtChildPurify: Done after 543 ms and 0 fixes (loop #0).
532409c.acd4: Log file opened: 6.1.2r135662 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
533409c.acd4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffde72a0000 g_uNtVerCombined=0xa047ba00 (stack ~00000000003df768)
5345d34.7ed0: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000700000 LB 0x400000)
535409c.acd4: ntdll.dll: timestamp 0x64d10ee0 (rc=VINF_SUCCESS)
536409c.acd4: New simple heap: #1 0000000000700000 LB 0x400000 (for 2031616 allocation)
5375d34.7ed0: supR3HardNtEnableThreadCreationEx:
538409c.acd4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
539409c.acd4: System32: \Device\HarddiskVolume4\Windows\System32
540409c.acd4: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
541409c.acd4: KnownDllPath: C:\WINDOWS\System32
542409c.acd4: supR3HardenedVmProcessInit: Opening vboxdrv...
543409c.acd4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
544409c.acd4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
545409c.acd4: Registered Dll notification callback with NTDLL.
546409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
547409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
548409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
549409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde43e0000 LB 0x002a3000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
550409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
551409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
552409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde54e0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
553409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
554409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde54e0000 'C:\WINDOWS\System32\KERNEL32.DLL'
555409c.acd4: supR3HardenedDllNotificationCallback: load 00007ff65fc30000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
556409c.acd4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
557409c.acd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
558409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
559409c.acd4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffde73117f0 pvNtTerminateThread=00007ffde733cb10
5605d34.7ed0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 76 ms.
561409c.acd4: \SystemRoot\System32\ntdll.dll:
562409c.acd4: CreationTime: 2020-02-12T07:19:30.132238800Z
563409c.acd4: LastWriteTime: 2020-02-12T07:19:30.162494800Z
564409c.acd4: ChangeTime: 2020-02-12T07:26:33.159262200Z
565409c.acd4: FileAttributes: 0x20
566409c.acd4: Size: 0x1e8458
567409c.acd4: NT Headers: 0xd8
568409c.acd4: Timestamp: 0x64d10ee0
569409c.acd4: Machine: 0x8664 - amd64
570409c.acd4: Timestamp: 0x64d10ee0
571409c.acd4: Image Version: 10.0
572409c.acd4: SizeOfImage: 0x1f0000 (2031616)
573409c.acd4: Resource Dir: 0x17f000 LB 0x6f310
574409c.acd4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
575409c.acd4: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
576409c.acd4: ProductName: Microsoft® Windows® Operating System
577409c.acd4: ProductVersion: 10.0.18362.657
578409c.acd4: FileVersion: 10.0.18362.657 (WinBuild.160101.0800)
579409c.acd4: FileDescription: NT Layer DLL
580409c.acd4: \SystemRoot\System32\kernel32.dll:
581409c.acd4: CreationTime: 2019-09-10T22:39:29.514755700Z
582409c.acd4: LastWriteTime: 2019-09-10T22:39:29.527443800Z
583409c.acd4: ChangeTime: 2020-02-12T07:19:59.588854400Z
584409c.acd4: FileAttributes: 0x20
585409c.acd4: Size: 0xb0570
586409c.acd4: NT Headers: 0xe8
587409c.acd4: Timestamp: 0xd0cecc10
588409c.acd4: Machine: 0x8664 - amd64
589409c.acd4: Timestamp: 0xd0cecc10
590409c.acd4: Image Version: 10.0
591409c.acd4: SizeOfImage: 0xb2000 (729088)
592409c.acd4: Resource Dir: 0xb0000 LB 0x520
593409c.acd4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
594409c.acd4: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
595409c.acd4: ProductName: Microsoft® Windows® Operating System
596409c.acd4: ProductVersion: 10.0.18362.329
597409c.acd4: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
598409c.acd4: FileDescription: Windows NT BASE API Client DLL
599409c.acd4: \SystemRoot\System32\KernelBase.dll:
600409c.acd4: CreationTime: 2020-02-12T07:19:30.527518200Z
601409c.acd4: LastWriteTime: 2020-02-12T07:19:30.574366200Z
602409c.acd4: ChangeTime: 2020-02-12T07:26:32.300090000Z
603409c.acd4: FileAttributes: 0x20
604409c.acd4: Size: 0x2a3508
605409c.acd4: NT Headers: 0xf0
606409c.acd4: Timestamp: 0xf96f12ee
607409c.acd4: Machine: 0x8664 - amd64
608409c.acd4: Timestamp: 0xf96f12ee
609409c.acd4: Image Version: 10.0
610409c.acd4: SizeOfImage: 0x2a3000 (2764800)
611409c.acd4: Resource Dir: 0x27d000 LB 0x548
612409c.acd4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
613409c.acd4: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
614409c.acd4: ProductName: Microsoft® Windows® Operating System
615409c.acd4: ProductVersion: 10.0.18362.628
616409c.acd4: FileVersion: 10.0.18362.628 (WinBuild.160101.0800)
617409c.acd4: FileDescription: Windows NT BASE API Client DLL
618409c.acd4: \SystemRoot\System32\apisetschema.dll:
619409c.acd4: CreationTime: 2019-03-19T04:43:54.837151500Z
620409c.acd4: LastWriteTime: 2019-03-19T04:43:54.837151500Z
621409c.acd4: ChangeTime: 2020-02-12T07:19:59.582022500Z
622409c.acd4: FileAttributes: 0x20
623409c.acd4: Size: 0x1d028
624409c.acd4: NT Headers: 0xc8
625409c.acd4: Timestamp: 0xd6ced080
626409c.acd4: Machine: 0x8664 - amd64
627409c.acd4: Timestamp: 0xd6ced080
628409c.acd4: Image Version: 10.0
629409c.acd4: SizeOfImage: 0x1e000 (122880)
630409c.acd4: Resource Dir: 0x1d000 LB 0x408
631409c.acd4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
632409c.acd4: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
633409c.acd4: ProductName: Microsoft® Windows® Operating System
634409c.acd4: ProductVersion: 10.0.18362.1
635409c.acd4: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
636409c.acd4: FileDescription: ApiSet Schema DLL
637409c.acd4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
638409c.acd4: supR3HardenedWinFindAdversaries: 0x80
639409c.acd4: \SystemRoot\System32\drivers\MBAMSwissArmy.sys:
640409c.acd4: CreationTime: 2018-09-06T04:58:57.414771000Z
641409c.acd4: LastWriteTime: 2018-09-27T21:40:37.008033600Z
642409c.acd4: ChangeTime: 2019-08-11T01:35:40.506356200Z
643409c.acd4: FileAttributes: 0x20
644409c.acd4: Size: 0x3f520
645409c.acd4: NT Headers: 0xf8
646409c.acd4: Timestamp: 0x5b568210
647409c.acd4: Machine: 0x8664 - amd64
648409c.acd4: Timestamp: 0x5b568210
649409c.acd4: Image Version: 10.0
650409c.acd4: SizeOfImage: 0x41000 (266240)
651409c.acd4: Resource Dir: 0x3f000 LB 0x3b8
652409c.acd4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
653409c.acd4: [Raw version resource data: 0x3f060 LB 0x358, codepage 0x0 (reserved 0x0)]
654409c.acd4: ProductName: Malwarebytes SwissArmy
655409c.acd4: ProductVersion: 4.3.0.161
656409c.acd4: FileVersion: 4.3.0.161
657409c.acd4: FileDescription: Malwarebytes SwissArmy
658409c.acd4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
659409c.acd4: Calling main()
660409c.acd4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
661409c.acd4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
662409c.acd4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
663409c.acd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
664409c.acd4: SUPR3HardenedMain: Final process, opening VBoxDrv...
665409c.acd4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000700000 LB 0x400000)
666409c.acd4: supR3HardNtEnableThreadCreationEx:
667409c.acd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
668409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
669409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
670409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
671409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffddf790000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
672409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
673409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
674409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
675409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddf790000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
676409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
677409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
678409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddf790000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
679409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddf790000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
680409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
681409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
682409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
683409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
684409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
685409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
686409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
687409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
688409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
689409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
690409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
691409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
692409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msasn1.dll'.
693409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
694409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
695409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
696409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
697409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
698409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
699409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
700409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
701409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
702409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
703409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
704409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
705409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
706409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
707409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde6f90000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
708409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
709409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4210000 LB 0x00012000 C:\WINDOWS\System32\MSASN1.dll [fFlags=0x0]
710409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
711409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4230000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
712409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll)
713409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll
714409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4f90000 LB 0x00149000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
715409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
716409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde6df0000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
717409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
718409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4710000 LB 0x0005c000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
719409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
720409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
721409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
722409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-synch-l1-2-0'
723409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
724409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
725409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-fibers-l1-1-1'
726409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
727409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
728409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-fibers-l1-1-1'
729409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
730409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
731409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-synch-l1-2-0'
732409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
733409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
734409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-localization-l1-2-1'
735409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4710000 'C:\WINDOWS\system32\Wintrust.dll'
736409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
737409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
738409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
739409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4330000 LB 0x00026000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
740409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
741409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4330000 'C:\WINDOWS\system32\bcrypt.dll'
742409c.acd4: bcrypt.dll loaded at 00007ffde4330000, BCryptOpenAlgorithmProvider at 00007ffde4334c70, preloading providers:
743409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
744409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
745409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
746409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4690000 LB 0x00080000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
747409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
748409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4690000 'C:\WINDOWS\system32\bcryptprimitives.dll'
749409c.acd4: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000bddf30)
750409c.acd4: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000bdf4a0)
751409c.acd4: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000bdf7a0)
752409c.acd4: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000bdfaa0)
753409c.acd4: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000bdfda0)
754409c.acd4: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000be00a0)
755409c.acd4: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000be03a0)
756409c.acd4: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000be06a0)
757409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde5280000 LB 0x00017000 C:\WINDOWS\System32\CRYPTSP.dll [fFlags=0x0]
758409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
759409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
760409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
761409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
762409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
763409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
764409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
765409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
766409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
767409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
768409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde3550000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
769409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
770409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
771409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
772409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
773409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
774409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde3bb0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
775409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
776409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
777409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
778409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
779409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
780409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
781409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde54e0000 'C:\WINDOWS\System32\kernel32.dll'
782409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
783409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
784409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4710000 'C:\WINDOWS\System32\WINTRUST.DLL'
785409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
786409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
787409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\CRYPT32.dll'
788409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde5350000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
789409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
790409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
791409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
792409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
793409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
794409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
795409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
796409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
797409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
798409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde71c0000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
799409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
800409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
801409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
802409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
803409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
804409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
805409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
806409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde2d90000 LB 0x00022000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
807409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
808409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde41d0000 LB 0x0001f000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
809409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
810409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
811409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
812409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
813409c.acd4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
814409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
815409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
816409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
817409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
818409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
819409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
820409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
821409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
822409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
823409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
824409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
825409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
826409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
827409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
828409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
829409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
830409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
831409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
832409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdd8720000 LB 0x0002f000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
833409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
834409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
835409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
836409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
837409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
838409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
839409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
840409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
841409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
842409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
843409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
844409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
845409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
846409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
847409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
848409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
849409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
850409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
851409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
852409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
853409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
854409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
855409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
856409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
857409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
858409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
859409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
860409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
861409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
862409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\WINDOWS\System32\cryptnet.dll'
863409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
864409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd8720000 'C:\Windows\System32\cryptnet.dll'
865409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde5fd0000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
866409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
867409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
868409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
869409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
870409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
871409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
872409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
873409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
874409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
875409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
876409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
877409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
878409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
879409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
880409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
881409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
882409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
883409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
884409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
885409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
886409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
887409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000bf0bf0
888409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
889409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=95FD49F93AE6ADF9D4DE48632E3114C0D5FFE7A0
890409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
891409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
892409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde6df0000 'C:\WINDOWS\System32\rpcrt4.dll'
893409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
894409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
895409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
896409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
897409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
898409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
899409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\SystemRoot\System32\ntdll.dll'
900409c.acd4: g_pfnWinVerifyTrust=00007ffde47161f0
901409c.acd4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
902409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
903409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
904409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
905409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
906409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
907409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
908409c.acd4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
909409c.acd4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
910409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
911409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
912409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
913409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
914409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
915409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
916409c.acd4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
917409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
918409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
919409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
920409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
921409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
922409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
923409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
924409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
925409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
926409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
927409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
928409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
929409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
930409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
931409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
932409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
933409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
934409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
935409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
936409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
937409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
938409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
939409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
940409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
941409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
942409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
943409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
944409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
945409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
946409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
947409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
948409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
949409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
950409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
951409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
952409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
953409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
954409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
955409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
956409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
957409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
958409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
959409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
960409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
961409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
962409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
963409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
964409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
965409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
966409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
967409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
968409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
969409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
970409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
971409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll'
972409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
973409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
974409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
975409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
976409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
977409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
978409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
979409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
980409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
981409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
982409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
983409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
984409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
985409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
986409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
987409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
988409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
989409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
990409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
991409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\system32\crypt32.dll'
992409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
993409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
994409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
995409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
996409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
997409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
998409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
999409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1000409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1001409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
1002409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1003409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1004409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1005409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
1006409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xa12b07674f1bf600 C=US, O=AffirmTrust, CN=AffirmTrust Commercial
1007409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA
1008409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1009409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1010409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
1011409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
1012409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1013409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1014409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2
1015409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x266e9b638ffac00 C=HK, O=Hongkong Post, CN=Hongkong Post Root CA 1
1016409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1017409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1018409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1019409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
1020409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1021409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1022409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1023409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1024409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1025409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1026409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xd41691e475fb8515 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority
1027409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1028409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x4ef92ac43a0cd500 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
1029409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1030409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1031409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1032409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
1033409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1034409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1035409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x88db8dee0f25e100 C=TW, O=Chunghwa Telecom Co., Ltd., OU=ePKI Root Certification Authority
1036409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1037409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1038409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1039409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
1040409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
1041409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
1042409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xef477acf4ab2d300 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009
1043409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
1044409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1045409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1046409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1047409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1048409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
1049409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1050409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1051409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
1052409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1053409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
1054409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
1055409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
1056409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1057409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1058409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
1059409c.acd4: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1060409c.acd4: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=68
1061409c.acd4: SUPR3HardenedMain: Load Runtime...
1062409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1063409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1064409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1065409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1066409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1067409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1068409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1069409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1070409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1071409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1072409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
1073409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1074409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) WinVerifyTrust
1075409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
1076409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1077409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1078409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
1079409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1080409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1081409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1082409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1083409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
1084409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1085409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1086409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1087409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1088409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1089409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1090409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1091409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1092409c.acd4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1093409c.acd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
1094409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
1095409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1096409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1097409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1098409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1099409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1100409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1101409c.acd4: supR3HardenedDllNotificationCallback: load 0000000052970000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1102409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1103409c.acd4: supR3HardenedDllNotificationCallback: load 0000000052360000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1104409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1105409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde6090000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
1106409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
1107409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffda54c0000 LB 0x005e9000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1108409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1109409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1110409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1111409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1112409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1113409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1114409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1115409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1116409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1117409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1118409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1119409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1120409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1121409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1122409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1123409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1124409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1125409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1126409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1127409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1128409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1129409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1130409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1131409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1132409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1133409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1134409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1135409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1136409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1137409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1138409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1139409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1140409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1141409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1142409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1143409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1144409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1145409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1146409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1147409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1148409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1149409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1150409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1151409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1152409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1153409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1154409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1155409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1156409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1157409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1158409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1159409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1160409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1161409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1162409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1163409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1164409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1165409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1166409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1167409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1168409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1169409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1170409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1171409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1172409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1173409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1174409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1175409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1176409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1177409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1178409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1179409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1180409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1181409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1182409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1183409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1184409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1185409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1186409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1187409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1188409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1189409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1190409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1191409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1192409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1193409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1194409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1195409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1196409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1197409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1198409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1199409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1200409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1201409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1202409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1203409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1204409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1205409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1206409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1207409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1208409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1209409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1210409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1211409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1212409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1213409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1214409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1215409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1216409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1217409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1218409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1219409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1220409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1221409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1222409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1223409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1224409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1225409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1226409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1227409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1228409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1229409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1230409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1231409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1232409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1233409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1234409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1235409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1236409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1237409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1238409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1239409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1240409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1241409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1242409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1243409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1244409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1245409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1246409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1247409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1248409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1249409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1250409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1251409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1252409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1253409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1254409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1255409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1256409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1257409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1258409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1259409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1260409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1261409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1262409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1263409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1264409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1265409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1266409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1267409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1268409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1269409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1270409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1271409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1272409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1273409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1274409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1275409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1276409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1277409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1278409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1279409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1280409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1281409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1282409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1283409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1284409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1285409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda54c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1286409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1287409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'
1288409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll
1289409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1290409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4710000 'C:\WINDOWS\system32\Wintrust.dll'
1291409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
1292409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1293409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1294409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
1295409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1296409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
1297409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\system32\crypt32.dll'
1298409c.acd4: SUPR3HardenedMain: Load TrustedMain...
1299409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1300409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1301409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1302409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1303409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1304409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1305409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1306409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1307409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1308409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1309409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1310409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1311409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1312409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1313409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1314409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1315409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1316409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1317409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1318409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
1319409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
1320409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1321409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) WinVerifyTrust
1322409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
1323409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1324409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1325409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1326409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1327409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
1328409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
1329409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
1330409c.acd4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
1331409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1332409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
1333409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
1334409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1335409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1336409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
1337409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1338409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
1339409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1340409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
1341409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1342409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
1343409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
1344409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) WinVerifyTrust
1345409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
1346409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1347409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1348409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1349409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1350409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1351409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1352409c.acd4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1353409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1354409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'bcryptprimitives.dll'.
1355409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
1356409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
1357409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1358409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1359409c.acd4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
1360409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll)
1361409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
1362409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
1363409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
1364409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
1365409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1366409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1367409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1368409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
1369409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
1370409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
1371409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
1372409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
1373409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) WinVerifyTrust
1374409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
1375409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1376409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1377409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1378409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1379409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
1380409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1381409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1382409c.acd4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
1383409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1384409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1385409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
1386409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
1387409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1388409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1389409c.acd4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
1390409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
1391409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
1392409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
1393409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1394409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1395409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1396409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1397409c.acd4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
1398409c.acd4: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports
1399409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll)
1400409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll
1401409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1402409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1403409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1404409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1405409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1406409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1407409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1408409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
1409409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1410409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1411409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) WinVerifyTrust
1412409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1413409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1414409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1415409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1416409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1417409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1418409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1419409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1420409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1421409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1422409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1423409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1424409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1425409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1426409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1427409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1428409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1429409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1430409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1431409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
1432409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1433409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1434409c.acd4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
1435409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1436409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1437409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1438409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1439409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1440409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1441409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1442409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1443409c.acd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
1444409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1445409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1446409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1447409c.acd4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
1448409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1449409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1450409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1451409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1452409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1453409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1454409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1455409c.acd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
1456409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1457409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1458409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1459409c.acd4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1460409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1461409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1462409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1463409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1464409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1465409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1466409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1467409c.acd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
1468409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1469409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1470409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1471409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
1472409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1473409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1474409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1475409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1476409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1477409c.acd4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
1478409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
1479409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
1480409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
1481409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
1482409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1483409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1484409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1485409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1486409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1487409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1488409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1489409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1490409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1491409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1492409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1493409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1494409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1495409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1496409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
1497409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1498409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1499409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1500409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1501409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1502409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1503409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1504409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1505409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1506409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1507409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1508409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1509409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1510409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1511409c.acd4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
1512409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1513409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1514409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1515409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1516409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
1517409c.acd4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
1518409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
1519409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1520409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1521409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
1522409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1523409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1524409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
1525409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1526409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1527409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1528409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1529409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1530409c.acd4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
1531409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll)
1532409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll
1533409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1534409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1535409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
1536409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1537409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1538409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1539409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1540409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1541409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
1542409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1543409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1544409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1545409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1546409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1547409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1548409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1549409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1550409c.acd4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
1551409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1552409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1553409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
1554409c.acd4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
1555409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
1556409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1557409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1558409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1559409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1560409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1561409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1562409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1563409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1564409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1565409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1566409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1567409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
1568409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1569409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1570409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1571409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1572409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1573409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1574409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1575409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1576409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1577409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1578409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1579409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1580409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1581409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1582409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
1583409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1584409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1585409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1586409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1587409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1588409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1589409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1590409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1591409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1592409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1593409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1594409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
1595409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1596409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1597409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
1598409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1599409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1600409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1601409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1602409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1603409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1604409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1605409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1606409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1607409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1608409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1609409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1610409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1611409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1612409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1613409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1614409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1615409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1616409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1617409c.acd4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
1618409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1619409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1620409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
1621409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1622409c.acd4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
1623409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1624409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1625409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
1626409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1627409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1628409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1629409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1630409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1631409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1632409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1633409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1634409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1635409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1636409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1637409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1638409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1639409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1640409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1641409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1642409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1643409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1644409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
1645409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
1646409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1647409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1648409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1649409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a0 pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
1650409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
1651409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
1652409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
1653409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1654409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1655409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1656409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1657409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
1658409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1659409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1660409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
1661409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1662409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1663409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1664409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1665409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1666409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1667409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1668409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1669409c.acd4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
1670409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1671409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1672409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1673409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1674409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1675409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1676409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1677409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1678409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1679409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1680409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
1681409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
1682409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
1683409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1684409c.acd4: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
1685409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1686409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1687409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
1688409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
1689409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1690409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1691409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1692409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1693409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
1694409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1695409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1696409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1697409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1698409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
1699409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DXCore.dll)
1700409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DXCore.dll
1701409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde43b0000 LB 0x00021000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
1702409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
1703409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4ef0000 LB 0x0009e000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
1704409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
1705409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde50e0000 LB 0x00194000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
1706409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1707409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
1708409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
1709409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
1710409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32full.dll)
1711409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32full.dll
1712409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde5fa0000 LB 0x00026000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
1713409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
1714409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde6b30000 LB 0x00194000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
1715409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [avoiding WinVerifyTrust]
1716409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde67f0000 LB 0x00336000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
1717409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
1718409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4360000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
1719409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
1720409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
1721409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde2de0000 LB 0x00020000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0]
1722409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
1723409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffddf800000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
1724409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1725409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdaeb80000 LB 0x00156000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
1726409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
1727409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde7110000 LB 0x000a9000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
1728409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1729409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'.
1730409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
1731409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
1732409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
1733409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4170000 LB 0x00010000 C:\WINDOWS\System32\UMPDC.dll [fFlags=0x0]
1734409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\umpdc.dll)
1735409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\umpdc.dll
1736409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4180000 LB 0x0004a000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
1737409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
1738409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'umpdc.dll'.
1739409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll)
1740409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
1741409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde6cd0000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
1742409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1743409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
1744409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
1745409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
1746409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
1747409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde41f0000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
1748409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
1749409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
1750409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
1751409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
1752409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4770000 LB 0x0077f000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
1753409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
1754409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
1755409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'.
1756409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'.
1757409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\windows.storage.dll)
1758409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\windows.storage.dll
1759409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde6100000 LB 0x006e5000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
1760409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
1761409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde5e40000 LB 0x00156000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
1762409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
1763409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdc6430000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
1764409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1765409c.acd4: supR3HardenedDllNotificationCallback: load 0000000052400000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1766409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1767409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdad280000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1768409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1769409c.acd4: supR3HardenedDllNotificationCallback: load 0000000051df0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1770409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1771409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde7030000 LB 0x000c4000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
1772409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
1773409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffd81a50000 LB 0x02609000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
1774409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
1775409c.acd4: supR3HardenedDllNotificationCallback: load 0000000051d90000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
1776409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1777409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdd7230000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
1778409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1779409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdd7260000 LB 0x00024000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
1780409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
1781409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffda0b20000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
1782409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1783409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
1784409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
1785409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
1786409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
1787409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
1788409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
1789409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
1790409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
1791409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
1792409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
1793409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
1794409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
1795409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
1796409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
1797409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
1798409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
1799409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
1800409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
1801409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
1802409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
1803409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
1804409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
1805409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
1806409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
1807409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1808409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1809409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
1810409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
1811409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
1812409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
1813409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
1814409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
1815409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
1816409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
1817409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1818409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
1819409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
1820409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
1821409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
1822409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
1823409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
1824409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
1825409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1826409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1827409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1828409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1829409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1830409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
1831409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
1832409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1833409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1834409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
1835409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1836409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
1837409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1838409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1839409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1840409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1841409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1842409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1843409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
1844409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
1845409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
1846409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1847409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1848409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1849409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
1850409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
1851409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1852409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1853409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'umpdc.dll'...
1854409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'umpdc.dll' -> '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rcNtRedir=0xc0150008]
1855409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\umpdc.dll [redoing WinVerifyTrust]
1856409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
1857409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\umpdc.dll
1858409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1859409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1860409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1861409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1862409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
1863409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1864409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
1865409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1866409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1867409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
1868409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1869409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1870409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1871409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1872409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
1873409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
1874409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
1875409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1876409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1877409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
1878409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
1879409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
1880409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1881409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1882409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1883409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
1884409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\gdi32.dll
1885409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1886409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1887409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1888409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
1889409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
1890409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1891409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1892409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
1893409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
1894409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
1895409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1896409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1897409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1898409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
1899409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
1900409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1901409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde54e0000 'C:\WINDOWS\System32\kernel32.dll'
1902409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
1903409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
1904409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
1905409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
1906409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
1907409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
1908409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
1909409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
1910409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
1911409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
1912409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
1913409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
1914409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
1915409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
1916409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
1917409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
1918409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
1919409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
1920409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
1921409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
1922409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
1923409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
1924409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
1925409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
1926409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1927409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1928409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
1929409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
1930409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
1931409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
1932409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
1933409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
1934409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
1935409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
1936409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1937409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
1938409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
1939409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
1940409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
1941409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
1942409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
1943409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
1944409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
1945409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
1946409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
1947409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
1948409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
1949409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
1950409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
1951409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
1952409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
1953409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
1954409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
1955409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
1956409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
1957409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
1958409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
1959409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
1960409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
1961409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
1962409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
1963409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
1964409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1965409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1966409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
1967409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
1968409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
1969409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
1970409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
1971409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
1972409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
1973409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
1974409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1975409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
1976409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
1977409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
1978409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
1979409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1980409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-string-l1-1-0'
1981409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
1982409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
1983409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
1984409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
1985409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
1986409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
1987409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
1988409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
1989409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
1990409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
1991409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
1992409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
1993409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
1994409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
1995409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
1996409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
1997409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
1998409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
1999409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2000409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2001409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2002409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2003409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2004409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2005409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2006409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2007409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2008409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2009409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2010409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2011409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2012409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2013409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2014409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2015409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2016409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2017409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2018409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2019409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
2020409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
2021409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
2022409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
2023409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
2024409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
2025409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
2026409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
2027409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
2028409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
2029409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
2030409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
2031409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
2032409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
2033409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
2034409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
2035409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
2036409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
2037409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2038409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2039409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2040409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2041409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2042409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2043409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2044409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2045409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2046409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2047409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2048409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2049409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2050409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2051409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2052409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2053409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2054409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2055409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2056409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2057409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
2058409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2059409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-datetime-l1-1-1'
2060409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
2061409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
2062409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
2063409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
2064409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
2065409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
2066409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
2067409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
2068409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
2069409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
2070409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
2071409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
2072409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
2073409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
2074409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
2075409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
2076409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
2077409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
2078409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2079409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2080409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2081409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2082409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2083409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2084409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2085409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2086409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2087409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2088409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2089409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2090409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2091409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2092409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2093409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2094409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2095409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2096409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2097409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2098409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
2099409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
2100409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
2101409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
2102409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
2103409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
2104409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
2105409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
2106409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
2107409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
2108409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
2109409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
2110409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
2111409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
2112409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
2113409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
2114409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
2115409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
2116409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2117409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2118409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2119409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2120409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2121409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2122409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2123409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2124409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2125409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2126409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2127409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2128409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2129409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2130409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2131409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2132409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2133409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2134409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2135409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2136409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
2137409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2138409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-localization-obsolete-l1-2-0'
2139409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
2140409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
2141409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
2142409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
2143409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
2144409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
2145409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
2146409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
2147409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
2148409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
2149409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
2150409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
2151409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
2152409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
2153409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
2154409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
2155409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
2156409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
2157409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2158409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2159409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2160409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2161409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2162409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2163409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2164409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2165409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2166409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2167409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2168409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2169409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2170409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2171409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2172409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2173409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2174409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2175409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2176409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2177409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
2178409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
2179409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
2180409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
2181409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
2182409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
2183409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
2184409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
2185409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
2186409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
2187409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
2188409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
2189409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
2190409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
2191409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
2192409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
2193409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
2194409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
2195409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2196409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2197409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2198409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2199409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2200409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2201409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2202409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2203409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2204409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2205409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2206409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2207409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2208409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2209409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2210409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2211409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2212409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2213409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2214409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2215409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
2216409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
2217409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
2218409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
2219409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
2220409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2221409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2222409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [redoing WinVerifyTrust]
2223409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2224409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\win32u.dll
2225409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2226409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2227409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
2228409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2229409c.acd4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\user32.dll
2230409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2231409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde5370000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
2232409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
2233409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde5370000 'C:\WINDOWS\system32\IMM32.DLL'
2234409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
2235409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
2236409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
2237409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
2238409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
2239409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
2240409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
2241409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
2242409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
2243409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
2244409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
2245409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
2246409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
2247409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
2248409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
2249409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
2250409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
2251409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
2252409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
2253409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
2254409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2255409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2256409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2257409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2258409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2259409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2260409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2261409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2262409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2263409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2264409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2265409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2266409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2267409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2268409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2269409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2270409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2271409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2272409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2273409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2274409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
2275409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
2276409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
2277409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
2278409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
2279409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
2280409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
2281409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
2282409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
2283409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
2284409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
2285409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
2286409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
2287409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
2288409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
2289409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
2290409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
2291409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
2292409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
2293409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
2294409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2295409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2296409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2297409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2298409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2299409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2300409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2301409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2302409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2303409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2304409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2305409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2306409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2307409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2308409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2309409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2310409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2311409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2312409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2313409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2314409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
2315409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2316409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde5fd0000 'C:\WINDOWS\System32\ADVAPI32.DLL'
2317409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
2318409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
2319409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'.
2320409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll' [rescheduled]
2321409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'.
2322409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll' [rescheduled]
2323409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
2324409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
2325409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'.
2326409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rescheduled]
2327409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'.
2328409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll' [rescheduled]
2329409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
2330409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
2331409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
2332409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
2333409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'.
2334409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll' [rescheduled]
2335409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'.
2336409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll' [rescheduled]
2337409c.acd4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
2338409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
2339409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
2340409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rescheduled]
2341409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
2342409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rescheduled]
2343409c.acd4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2344409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2345409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
2346409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rescheduled]
2347409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
2348409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rescheduled]
2349409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
2350409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rescheduled]
2351409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
2352409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rescheduled]
2353409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
2354409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
2355409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
2356409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
2357409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda0b20000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
2358409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2359409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2360409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll'
2361409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2362409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2363409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\windows.storage.dll'
2364409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2365409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2366409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'
2367409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2368409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2369409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'
2370409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2371409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2372409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\powrprof.dll'
2373409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2374409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2375409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\umpdc.dll'
2376409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2377409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2378409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'
2379409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2380409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2381409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'
2382409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2383409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2384409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32full.dll'
2385409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2386409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2387409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\DXCore.dll'
2388409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004a8 pwszName=\Device\HarddiskVolume4\Windows\System32\glu32.dll
2389409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
2390409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
2391409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
2392409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2393409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2394409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume4\Windows\System32\glu32.dll'
2395409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2396409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll'
2397409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2398409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2399409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll'
2400409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2401409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2402409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll'
2403409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2404409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
2405409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2406409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2407409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll'
2408409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2409409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2410409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
2411409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2412409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2413409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
2414409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2415409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2416409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'
2417409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2418409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2419409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\combase.dll'
2420409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
2421409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2422409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2423409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2424409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'
2425409c.acd4: SUPR3HardenedMain: Calling TrustedMain (00007ffda0b216c0)...
2426409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2427409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
2428409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
2429409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2430409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
2431409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
2432409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2433409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
2434409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
2435409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
2436409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
2437409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
2438409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
2439409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2440409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2441409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2442409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2443409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2444409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2445409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2446409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2447409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2448409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2449409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2450409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
2451409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2452409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2453409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
2454409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2455409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2456409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2457409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2458409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2459409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
2460409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2461409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2462409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll
2463409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2464409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2465409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2466409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2467409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2468409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2469409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2470409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2471409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2472409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdaea50000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
2473409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2474409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdaea50000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
2475409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000063c pwszName=\Device\HarddiskVolume4\Windows\System32\uxtheme.dll
2476409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
2477409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
2478409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=286AD1CEC16EFDCA5718925D19E68A486A5851A0
2479409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2480409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2481409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume4\Windows\System32\uxtheme.dll'
2482409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2483409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2484409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
2485409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
2486409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) WinVerifyTrust
2487409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
2488409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2489409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2490409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2491409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2492409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2493409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2494409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2495409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
2496409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde24f0000 LB 0x00099000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
2497409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
2498409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde24f0000 'C:\WINDOWS\system32\uxtheme.dll'
2499409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde6b30000 'C:\WINDOWS\system32\user32.dll'
2500409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
2501409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2502409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde6100000 'C:\WINDOWS\system32\shell32.dll'
2503409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
2504409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2505409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde7110000 'C:\WINDOWS\system32\SHCore.dll'
2506409c.acd4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
2507409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
2508409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
2509409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2510409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\system32\winmm.dll'
2511409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
2512409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2513409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\system32\winmm.dll'
2514409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
2515409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2516409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde6100000 'C:\WINDOWS\system32\shell32.dll'
2517409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
2518409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2519409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde24f0000 'C:\WINDOWS\system32\uxtheme.dll'
2520409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
2521409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2522409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde5fd0000 'C:\WINDOWS\system32\advapi32.dll'
2523409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2524409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2525409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2526409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'profapi.dll'.
2527409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll) WinVerifyTrust
2528409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
2529409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
2530409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
2531409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
2532409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2533409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2534409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2535409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
2536409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde4060000 LB 0x00025000 C:\WINDOWS\system32\userenv.dll [fFlags=0x0]
2537409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
2538409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4060000 'C:\WINDOWS\system32\userenv.dll'
2539409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2540409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2541409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde54e0000 'C:\WINDOWS\System32\kernel32.dll'
2542409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde56e0000 LB 0x000a2000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
2543409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2544409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
2545409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll)
2546409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll
2547409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2548409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2549409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2550409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2551409c.6f24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2552409c.6f24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2553409c.6f24: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\clbcatq.dll'
2554409c.6f24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2555409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2556409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2557409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2558409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2559409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2560409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2561409c.6f24: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2562409c.6f24: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
2563409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2564409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2565409c.6f24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2566409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2567409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2568409c.6f24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2569409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2570409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2571409c.6f24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
2572409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2573409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2574409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2575409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2576409c.6f24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
2577409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2578409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2579409c.6f24: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2580409c.6f24: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
2581409c.6f24: supR3HardenedDllNotificationCallback: load 00007ffdaced0000 LB 0x003b0000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2582409c.6f24: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
2583409c.6f24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdaced0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2584409c.6f24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2585409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2586409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2587409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2588409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
2589409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2590409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2591409c.6f24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2592409c.6f24: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
2593409c.6f24: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2594409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2595409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2596409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2597409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2598409c.6f24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2599409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2600409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2601409c.6f24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2602409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2603409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2604409c.6f24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
2605409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2606409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2607409c.6f24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
2608409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2609409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2610409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2611409c.6f24: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2612409c.6f24: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2613409c.6f24: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2614409c.6f24: supR3HardenedDllNotificationCallback: load 00007ffda6060000 LB 0x000ed000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
2615409c.6f24: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2616409c.6f24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffda6060000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
2617409c.6f24: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2618409c.6f24: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2619409c.6f24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde7030000 'C:\Windows\System32\oleaut32.dll'
2620409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde5fa0000 'C:\WINDOWS\system32\gdi32.dll'
2621409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde53a0000 LB 0x00135000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
2622409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2623409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
2624409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'.
2625409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
2626409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'.
2627409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'.
2628409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
2629409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
2630409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2631409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2632409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2633409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2634409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll
2635409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2636409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2637409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2638409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2639409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
2640409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2641409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2642409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2643409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2644409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2645409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2646409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2647409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll'
2648409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009ac pwszName=\Device\HarddiskVolume4\Windows\System32\DataExchange.dll
2649409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
2650409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
2651409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3632E0380EF7C400BBC7C4B0B9ED8D9F9860503B
2652409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2653409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2654409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume4\Windows\System32\DataExchange.dll'
2655409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2656409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2657409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
2658409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'combase.dll'.
2659409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'd3d11.dll'.
2660409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dcomp.dll'.
2661409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\DataExchange.dll) WinVerifyTrust
2662409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
2663409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
2664409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume4\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
2665409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2666409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2667409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
2668409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
2669409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dcomp.dll) WinVerifyTrust
2670409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dcomp.dll
2671409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
2672409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume4\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
2673409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2674409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2675409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
2676409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2677409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2678409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll
2679409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2680409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2681409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2682409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'dxgi.dll'.
2683409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'.
2684409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\d3d11.dll) WinVerifyTrust
2685409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\d3d11.dll
2686409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2687409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2688409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
2689409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
2690409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
2691409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
2692409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2693409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2694409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2695409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2696409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll
2697409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
2698409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume4\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
2699409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2700409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2701409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2702409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
2703409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dxgi.dll) WinVerifyTrust
2704409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dxgi.dll
2705409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2706409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2707409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
2708409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2709409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2710409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2711409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2712409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2713409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
2714409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
2715409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
2716409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll
2717409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde2e70000 LB 0x000eb000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
2718409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dxgi.dll
2719409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde14f0000 LB 0x0025b000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
2720409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\d3d11.dll
2721409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde1bc0000 LB 0x001db000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
2722409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dcomp.dll
2723409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdc13f0000 LB 0x0003a000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
2724409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\DataExchange.dll
2725409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde5fa0000 'C:\WINDOWS\System32\gdi32.dll'
2726409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdc13f0000 'C:\WINDOWS\system32\dataexchange.dll'
2727409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'.
2728409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
2729409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
2730409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'msvcp_win.dll'.
2731409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll)
2732409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll
2733409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2734409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
2735409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rmclient.dll)
2736409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rmclient.dll
2737409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde2940000 LB 0x00029000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0]
2738409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
2739409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde25b0000 LB 0x0025a000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
2740409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
2741409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2742409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2743409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2744409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2745409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2746409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2747409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
2748409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2749409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2750409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
2751409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2752409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2753409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
2754409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume4\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
2755409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
2756409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2757409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2758409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rmclient.dll'
2759409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2760409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
2761409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2762409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2763409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\twinapi.appcore.dll'
2764409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
2765409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2766409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde7110000 'C:\WINDOWS\system32\Shcore.dll'
2767409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2768409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
2769409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'.
2770409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'.
2771409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll)
2772409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
2773409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2774409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
2775409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'.
2776409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll)
2777409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
2778409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2779409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll)
2780409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
2781409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntmarta.dll)
2782409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntmarta.dll
2783409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
2784409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
2785409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
2786409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\WinTypes.dll)
2787409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\WinTypes.dll
2788409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde31d0000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
2789409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
2790409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde2140000 LB 0x000d4000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
2791409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
2792409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffde0800000 LB 0x00153000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
2793409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
2794409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdd0d30000 LB 0x0032a000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
2795409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
2796409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdd07a0000 LB 0x0009e000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0]
2797409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
2798409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
2799409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
2800409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
2801409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2802409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2803409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2804409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2805409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
2806409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2807409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2808409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
2809409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
2810409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
2811409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
2812409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
2813409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
2814409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2815409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2816409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
2817409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
2818409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
2819409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
2820409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
2821409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
2822409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2823409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2824409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2825409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2826409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2827409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2828409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\WinTypes.dll'
2829409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2830409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2831409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ntmarta.dll'
2832409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2833409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2834409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll'
2835409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2836409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2837409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll'
2838409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2839409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2840409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll'
2841409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
2842409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2843409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde6b30000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
2844409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
2845409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2846409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde6b30000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
2847409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
2848409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2849409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde67f0000 'api-ms-win-core-com-l1-1-0.dll'
2850409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2851409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\iertutil.dll)
2852409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\iertutil.dll
2853409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdd7cd0000 LB 0x002a6000 C:\WINDOWS\System32\iertutil.dll [fFlags=0x0]
2854409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\iertutil.dll [avoiding WinVerifyTrust]
2855409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2856409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2857409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2858409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2859409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\iertutil.dll'
2860409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2861409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2862409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde5e40000 'C:\WINDOWS\system32\ole32.dll'
2863409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll
2864409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2865409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde53a0000 'C:\WINDOWS\System32\MSCTF.dll'
2866409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde5e40000 'C:\WINDOWS\System32\ole32.dll'
2867409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2868409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2869409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde7030000 'C:\WINDOWS\System32\OLEAUT32.dll'
2870409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ab4 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
2871409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
2872409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
2873409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DB1AA7E2E4704C908EC9382E1F9E64808B9E5E1D
2874409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2875409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2876409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll'
2877409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2878409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2879409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
2880409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
2881409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2882409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
2883409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2884409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2885409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b48 pwszName=\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2886409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
2887409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
2888409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=22EAF38FA276D7A374D3945ACD556FA0953D3440
2889409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2890409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2891409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll'
2892409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2893409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2894409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'bcrypt.dll'.
2895409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'.
2896409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll) WinVerifyTrust
2897409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2898409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2899409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2900409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
2901409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2902409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2903409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2904409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2905409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
2906409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
2907409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
2908409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
2909409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2910409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2911409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2912409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
2913409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2914409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffddb1c0000 LB 0x00084000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [fFlags=0x0]
2915409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2916409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffddb250000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
2917409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
2918409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
2919409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2920409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2921409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddb250000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
2922409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b10 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
2923409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
2924409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
2925409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=00C864D7F76A7AD25E7D0DA164B0B66188F5B7FF
2926409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2927409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2928409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll'
2929409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2930409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2931409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2932409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2933409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
2934409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2935409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2936409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2937409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2938409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2939409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
2940409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffddaae0000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
2941409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
2942409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddaae0000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
2943409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
2944409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2945409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-localization-l1-2-0.dll'
2946409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
2947409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2948409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
2949409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b40 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
2950409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
2951409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
2952409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0708A64F48237CD4D5092546CE9C373F20B30CA1
2953409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2954409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2955409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll'
2956409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2957409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2958409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
2959409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2960409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
2961409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2962409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2963409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2964409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2965409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2966409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2967409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
2968409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdda6b0000 LB 0x00101000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
2969409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
2970409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdda6b0000 'C:\WINDOWS\system32\wbem\fastprox.dll'
2971409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b38 pwszName=\Device\HarddiskVolume4\Windows\System32\amsi.dll
2972409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
2973409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
2974409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B5D4D58A583ACAD5AA76D7DD0F2DB8ADE903942B
2975409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2976409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2977409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume4\Windows\System32\amsi.dll'
2978409c.acd4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2979409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2980409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
2981409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'userenv.dll'.
2982409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\amsi.dll) WinVerifyTrust
2983409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\amsi.dll
2984409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
2985409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume4\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
2986409c.acd4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
2987409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2988409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2989409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2990409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2991409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2992409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\amsi.dll
2993409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdda2d0000 LB 0x00015000 C:\WINDOWS\System32\amsi.dll [fFlags=0x0]
2994409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\amsi.dll
2995409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdda2d0000 'C:\WINDOWS\System32\amsi.dll'
2996409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
2997409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
2998409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
2999409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
3000409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
3001409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MpOAV.dll) WinVerifyTrust
3002409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MpOAV.dll
3003409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3004409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3005409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3006409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3007409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3008409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3009409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpOav.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3010409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MpOAV.dll
3011409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffdda270000 LB 0x00046000 C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpOav.dll [fFlags=0x0]
3012409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\ProgramData\Microsoft\Windows Defender\Platform\4.18.2001.7-0\MpOAV.dll
3013409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3014409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3015409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-synch-l1-2-0'
3016409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3017409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3018409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-fibers-l1-1-1'
3019409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3020409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3021409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-synch-l1-2-0'
3022409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3023409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3024409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-fibers-l1-1-1'
3025409c.acd4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3026409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3027409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde43e0000 'api-ms-win-core-localization-l1-2-1'
3028409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\version.dll'.
3029409c.acd4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3030409c.acd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\version.dll)
3031409c.acd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\version.dll
3032409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3033409c.acd4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3034409c.acd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\version.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
3035409c.acd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\version.dll [avoiding WinVerifyTrust]
3036409c.acd4: supR3HardenedDllNotificationCallback: load 00007ffddec30000 LB 0x0000a000 C:\WINDOWS\system32\version.dll [fFlags=0x0]
3037409c.acd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\version.dll [avoiding WinVerifyTrust]
3038409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddec30000 'C:\WINDOWS\system32\version.dll'
3039409c.acd4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\version.dll'.
3040409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\version.dll' [rescheduled]
3041409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdda270000 'C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2001.7-0\MpOav.dll'
3042409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3043409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3044409c.acd4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\version.dll'
3045409c.acd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde5fd0000 'C:\WINDOWS\System32\ADVAPI32.dll'
3046409c.39e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3047409c.39e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3048409c.39e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3049409c.39e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
3050409c.39e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3051409c.39e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3052409c.39e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3053409c.39e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3054409c.39e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3055409c.39e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3056409c.39e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3057409c.39e4: supR3HardenedDllNotificationCallback: load 00007ffd970f0000 LB 0x0037a000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
3058409c.39e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3059409c.39e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd970f0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
3060409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3061409c.2310: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3062409c.2310: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3063409c.2310: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3064409c.2310: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3065409c.2310: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3066409c.2310: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3067409c.2310: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
3068409c.2310: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3069409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3070409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3071409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3072409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3073409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3074409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3075409c.2310: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3076409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3077409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3078409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3079409c.2310: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3080409c.2310: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3081409c.2310: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3082409c.2310: supR3HardenedDllNotificationCallback: load 00007ffdddc10000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
3083409c.2310: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3084409c.2310: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdddc10000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
3085409c.53dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3086409c.53dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3087409c.53dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3088409c.53dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3089409c.53dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
3090409c.53dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3091409c.53dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3092409c.53dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3093409c.53dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3094409c.53dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3095409c.53dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3096409c.53dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3097409c.53dc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3098409c.53dc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3099409c.53dc: supR3HardenedDllNotificationCallback: load 00007ffddce80000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
3100409c.53dc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3101409c.53dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddce80000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
3102409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
3103409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3104409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde6100000 'C:\WINDOWS\system32\Shell32.dll'
3105409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3106409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3107409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3108409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3109409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3110409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
3111409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
3112409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
3113409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
3114409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
3115409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
3116409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
3117409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
3118409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
3119409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
3120409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
3121409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3122409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3123409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
3124409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
3125409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3126409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3127409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3128409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3129409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
3130409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3131409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3132409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3133409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3134409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3135409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
3136409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'cfgmgr32.dll'.
3137409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'bcrypt.dll'.
3138409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\setupapi.dll) WinVerifyTrust
3139409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\setupapi.dll
3140409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3141409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3142409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
3143409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
3144409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
3145409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
3146409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
3147409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3148409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3149409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
3150409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3151409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3152409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3153409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3154409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3155409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3156409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3157409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
3158409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3159409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
3160409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
3161409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3162409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3163409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3164409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3165409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
3166409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3167409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3168409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3169409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3170409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
3171409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
3172409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
3173409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3174409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3175409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3176409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3177409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3178409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3179409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3180409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3181409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3182409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3183409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3184409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3185409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
3186409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3187409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3188409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3189409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3190409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3191409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3192409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3193409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
3194409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3195409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3196409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
3197409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffde5790000 LB 0x00470000 C:\WINDOWS\System32\SETUPAPI.dll [fFlags=0x0]
3198409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
3199409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffdd01d0000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
3200409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3201409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffd8e6d0000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
3202409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3203409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffde36f0000 LB 0x0003a000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
3204409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
3205409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffd87160000 LB 0x009e1000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
3206409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
3207409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd87160000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
3208409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3209409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
3210409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3211409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdaced0000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
3212409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3213409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3214409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3215409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8e6d0000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
3216409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3217409c.b6f0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3218409c.b6f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3219409c.b6f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3220409c.b6f0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3221409c.b6f0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
3222409c.b6f0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3223409c.b6f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3224409c.b6f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3225409c.b6f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3226409c.b6f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3227409c.b6f0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3228409c.b6f0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3229409c.b6f0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3230409c.b6f0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3231409c.b6f0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3232409c.b6f0: supR3HardenedDllNotificationCallback: load 00007ffdd2620000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
3233409c.b6f0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3234409c.b6f0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd2620000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
3235409c.384: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3236409c.384: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3237409c.384: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3238409c.384: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3239409c.384: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3240409c.384: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
3241409c.384: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3242409c.384: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3243409c.384: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3244409c.384: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3245409c.384: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3246409c.384: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3247409c.384: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3248409c.384: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3249409c.384: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3250409c.384: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3251409c.384: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3252409c.384: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3253409c.384: supR3HardenedDllNotificationCallback: load 00007ffddbdb0000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
3254409c.384: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3255409c.384: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddbdb0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
3256409c.7f60: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3257409c.7f60: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3258409c.7f60: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3259409c.7f60: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3260409c.7f60: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
3261409c.7f60: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3262409c.7f60: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3263409c.7f60: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3264409c.7f60: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3265409c.7f60: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3266409c.7f60: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3267409c.7f60: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3268409c.7f60: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3269409c.7f60: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3270409c.7f60: supR3HardenedDllNotificationCallback: load 00007ffddad30000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
3271409c.7f60: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3272409c.7f60: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddad30000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
3273409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3274409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3275409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3276409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
3277409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'.
3278409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll) WinVerifyTrust
3279409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
3280409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
3281409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
3282409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3283409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3284409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
3285409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll) WinVerifyTrust
3286409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll
3287409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3288409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3289409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3290409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3291409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
3292409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3293409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3294409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
3295409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3296409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
3297409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll
3298409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffde3f70000 LB 0x0002a000 C:\WINDOWS\System32\DEVOBJ.dll [fFlags=0x0]
3299409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll
3300409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffddeae0000 LB 0x00072000 C:\WINDOWS\System32\MMDevApi.dll [fFlags=0x0]
3301409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
3302409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddeae0000 'C:\WINDOWS\System32\MMDevApi.dll'
3303409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001074 pwszName=\Device\HarddiskVolume4\Windows\System32\dsound.dll
3304409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
3305409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
3306409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8184043CF3F3DF1E3CF96E74DBBF7D0836417373
3307409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3308409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3309409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume4\Windows\System32\dsound.dll'
3310409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3311409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3312409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'winmm.dll'.
3313409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dsound.dll) WinVerifyTrust
3314409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dsound.dll
3315409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3316409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3317409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
3318409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3319409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3320409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3321409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3322409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffd9d2c0000 LB 0x00099000 C:\WINDOWS\System32\dsound.dll [fFlags=0x0]
3323409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3324409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3325409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3326409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\System32\dsound.dll'
3327409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\System32\dsound.dll'
3328409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3329409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3330409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3331409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
3332409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3333409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddeae0000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
3334409c.c9b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3335409c.c9b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3336409c.c9b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3337409c.c9b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
3338409c.c9b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
3339409c.c9b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'.
3340409c.c9b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\AudioSes.dll) WinVerifyTrust
3341409c.c9b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
3342409c.c9b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3343409c.c9b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3344409c.c9b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
3345409c.c9b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3346409c.c9b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3347409c.c9b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3348409c.c9b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3349409c.c9b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3350409c.c9b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3351409c.c9b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
3352409c.c9b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3353409c.c9b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
3354409c.c9b8: supR3HardenedDllNotificationCallback: load 00007ffddeda0000 LB 0x0015d000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
3355409c.c9b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\AudioSes.dll
3356409c.c9b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddeda0000 'C:\WINDOWS\System32\AUDIOSES.DLL'
3357409c.c9b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3358409c.c9b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
3359409c.c9b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ResourcePolicyClient.dll)
3360409c.c9b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ResourcePolicyClient.dll
3361409c.c9b8: supR3HardenedDllNotificationCallback: load 00007ffde2810000 LB 0x00014000 C:\WINDOWS\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
3362409c.c9b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
3363409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3364409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3365409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3366409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3367409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3368409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3369409c.6c44: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ResourcePolicyClient.dll'
3370409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
3371409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3372409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3373409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000010e8 pwszName=\Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3374409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
3375409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
3376409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=38EA8D6D625C6A0A9075DAE17FD33652FF8FC23A
3377409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3378409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3379409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume4\Windows\System32\wdmaud.drv'
3380409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3381409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3382409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
3383409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'ksuser.dll'.
3384409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'avrt.dll'.
3385409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wdmaud.drv) WinVerifyTrust
3386409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3387409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
3388409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
3389409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3390409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3391409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\avrt.dll) WinVerifyTrust
3392409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\avrt.dll
3393409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
3394409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume4\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
3395409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3396409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3397409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3398409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ksuser.dll) WinVerifyTrust
3399409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ksuser.dll
3400409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3401409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3402409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
3403409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3404409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3405409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
3406409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3407409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3408409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3409409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3410409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll
3411409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
3412409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffde04f0000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
3413409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ksuser.dll
3414409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffdde9c0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
3415409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
3416409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffd9aa10000 LB 0x00044000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
3417409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3418409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa10000 'C:\WINDOWS\System32\wdmaud.drv'
3419409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3420409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3421409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa10000 'C:\WINDOWS\System32\wdmaud.drv'
3422409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3423409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3424409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa10000 'C:\WINDOWS\System32\wdmaud.drv'
3425409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3426409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3427409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa10000 'C:\WINDOWS\System32\wdmaud.drv'
3428409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3429409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3430409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa10000 'C:\WINDOWS\System32\wdmaud.drv'
3431409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3432409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3433409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa10000 'C:\WINDOWS\System32\wdmaud.drv'
3434409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wdmaud.drv
3435409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3436409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa10000 'C:\WINDOWS\System32\wdmaud.drv'
3437409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa10000 'C:\WINDOWS\System32\wdmaud.drv'
3438409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001090 pwszName=\Device\HarddiskVolume4\Windows\System32\msacm32.drv
3439409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
3440409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
3441409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=763C5E89A8DA653902990733D245B99CC7C40BEA
3442409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3443409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3444409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume4\Windows\System32\msacm32.drv'
3445409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3446409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3447409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
3448409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
3449409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmmbase.dll'.
3450409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.drv) WinVerifyTrust
3451409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3452409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
3453409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
3454409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
3455409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
3456409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
3457409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3458409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3459409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3460409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msacm32.dll) WinVerifyTrust
3461409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msacm32.dll
3462409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3463409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3464409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\MMDevAPI.dll
3465409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3466409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3467409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3468409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3469409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3470409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3471409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
3472409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffd9a9e0000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
3473409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.dll
3474409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffd9aa00000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
3475409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3476409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3477409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3478409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3479409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3480409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3481409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3482409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3483409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3484409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3485409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3486409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3487409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3488409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3489409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3490409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3491409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3492409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msacm32.drv
3493409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3494409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3495409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3496409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3497409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9aa00000 'C:\WINDOWS\System32\msacm32.drv'
3498409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001154 pwszName=\Device\HarddiskVolume4\Windows\System32\midimap.dll
3499409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000bf0bf0
3500409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000bf0bf0
3501409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB34EC166C3F780657AB67E557E6C2E60C398D10
3502409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3503409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3504409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume4\Windows\System32\midimap.dll'
3505409c.6c44: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3506409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3507409c.6c44: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'.
3508409c.6c44: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\midimap.dll) WinVerifyTrust
3509409c.6c44: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\midimap.dll
3510409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3511409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3512409c.6c44: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
3513409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3514409c.6c44: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3515409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3516409c.6c44: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
3517409c.6c44: supR3HardenedDllNotificationCallback: load 00007ffd9a9d0000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
3518409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
3519409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9a9d0000 'C:\WINDOWS\System32\midimap.dll'
3520409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
3521409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3522409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9a9d0000 'C:\WINDOWS\System32\midimap.dll'
3523409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
3524409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3525409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9a9d0000 'C:\WINDOWS\System32\midimap.dll'
3526409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\midimap.dll
3527409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3528409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9a9d0000 'C:\WINDOWS\System32\midimap.dll'
3529409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3530409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3531409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3532409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3533409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3534409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3535409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3536409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
3537409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3538409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3539409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3540409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3541409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3542409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3543409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3544409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3545409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3546409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3547409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3548409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3549409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3550409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3551409c.36c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3552409c.36c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3553409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3554409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3555409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3556409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3557409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3558409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3559409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3560409c.36c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3561409c.36c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3562409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3563409c.36c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
3564409c.36c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3565409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3566409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3567409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3568409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3569409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3570409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3571409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3572409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3573409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3574409c.36c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3575409c.36c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3576409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3577409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3578409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3579409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3580409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3581409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3582409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3583409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3584409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3585409c.36c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3586409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3587409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3588409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3589409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3590409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3591409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3592409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3593409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3594409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3595409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3596409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3597409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3598409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3599409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3600409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3601409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3602409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3603409c.c6d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
3604409c.c6d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3605409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3606409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3607409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3608409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3609409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3610409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3611409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3612409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3613409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3614409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3615409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3616409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3617409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3618409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3619409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3620409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3621409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3622409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3623409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3624409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3625409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3626409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3627409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3628409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3629409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3630409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3631409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3632409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3633409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3634409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3635409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3636409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3637409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3638409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3639409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3640409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3641409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3642409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3643409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3644409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3645409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3646409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3647409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3648409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3649409c.c6d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3650409c.c6d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3651409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3652409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3653409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3654409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3655409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3656409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3657409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3658409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3659409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3660409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3661409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3662409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3663409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3664409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3665409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3666409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3667409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3668409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3669409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3670409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3671409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3672409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3673409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3674409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3675409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3676409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3677409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3678409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3679409c.c6d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
3680409c.c6d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3681409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3682409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3683409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3684409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3685409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3686409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3687409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3688409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3689409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3690409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3691409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3692409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3693409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3694409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3695409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3696409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3697409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3698409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3699409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3700409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3701409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3702409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3703409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3704409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3705409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3706409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3707409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3708409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3709409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3710409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3711409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3712409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3713409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3714409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3715409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3716409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3717409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3718409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3719409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3720409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3721409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3722409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3723409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3724409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3725409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3726409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3727409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3728409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3729409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3730409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3731409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3732409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3733409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3734409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3735409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3736409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3737409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3738409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3739409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3740409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3741409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3742409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3743409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3744409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3745409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3746409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3747409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3748409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3749409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3750409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3751409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3752409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3753409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3754409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3755409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3756409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3757409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3758409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3759409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3760409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3761409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3762409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3763409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3764409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3765409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3766409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3767409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3768409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3769409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3770409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3771409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3772409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3773409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3774409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3775409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3776409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3777409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3778409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3779409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3780409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3781409c.2310: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde6b30000 'C:\WINDOWS\system32\User32.dll'
3782409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3783409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3784409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3785409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3786409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3787409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3788409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3789409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3790409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3791409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3792409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3793409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3794409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3795409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3796409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3797409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3798409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3799409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3800409c.c6d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll
3801409c.c6d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3802409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4710000 'C:\WINDOWS\System32\WINTRUST.DLL'
3803409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\CRYPT32.dll'
3804409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3805409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3806409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
3807409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'combase.dll'.
3808409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shcore.dll'.
3809409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'textinputframework.dll'.
3810409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'inputhost.dll'.
3811409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'user32.dll'.
3812409c.c6d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\Windows.UI.dll) WinVerifyTrust
3813409c.c6d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
3814409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3815409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3816409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'inputhost.dll'...
3817409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'inputhost.dll' -> '\Device\HarddiskVolume4\Windows\System32\inputhost.dll' [rcNtRedir=0xc0150008]
3818409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3819409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3820409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3821409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'coremessaging.dll'.
3822409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'coreuicomponents.dll'.
3823409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'propsys.dll'.
3824409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'shcore.dll'.
3825409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'win32u.dll'.
3826409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'combase.dll'.
3827409c.c6d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\InputHost.dll) WinVerifyTrust
3828409c.c6d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\InputHost.dll
3829409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'textinputframework.dll'...
3830409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'textinputframework.dll' -> '\Device\HarddiskVolume4\Windows\System32\textinputframework.dll' [rcNtRedir=0xc0150008]
3831409c.c6d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\TextInputFramework.dll
3832409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
3833409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
3834409c.c6d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
3835409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
3836409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
3837409c.c6d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll
3838409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3839409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3840409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3841409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3842409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
3843409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
3844409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
3845409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
3846409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
3847409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume4\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
3848409c.c6d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll
3849409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
3850409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume4\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
3851409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde3550000 'C:\WINDOWS\system32\rsaenh.dll'
3852409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde4f90000 'C:\WINDOWS\System32\crypt32.dll'
3853409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'oleaut32.dll'.
3854409c.c6d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'rpcrt4.dll'.
3855409c.c6d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\propsys.dll) WinVerifyTrust
3856409c.c6d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\propsys.dll
3857409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
3858409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume4\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
3859409c.c6d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreUIComponents.dll
3860409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
3861409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume4\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
3862409c.c6d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\CoreMessaging.dll
3863409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3864409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3865409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3866409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3867409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3868409c.c6d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3869409c.c6d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\Windows.UI.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3870409c.c6d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
3871409c.c6d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\InputHost.dll
3872409c.c6d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll
3873409c.c6d4: supR3HardenedDllNotificationCallback: load 00007ffde0530000 LB 0x000ef000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
3874409c.c6d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\propsys.dll
3875409c.c6d4: supR3HardenedDllNotificationCallback: load 00007ffdd0680000 LB 0x0011a000 C:\Windows\System32\InputHost.dll [fFlags=0x0]
3876409c.c6d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\InputHost.dll
3877409c.c6d4: supR3HardenedDllNotificationCallback: load 00007ffdd0840000 LB 0x00151000 C:\Windows\System32\Windows.UI.dll [fFlags=0x0]
3878409c.c6d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\Windows.UI.dll
3879409c.c6d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd0840000 'C:\Windows\System32\Windows.UI.dll'
3880409c.5470: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\avrt.dll
3881409c.5470: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\avrt.dll (Input=avrt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3882409c.5470: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdde9c0000 'C:\WINDOWS\System32\avrt.dll'
3883409c.6c44: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
3884409c.6c44: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3885409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3886409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3887409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3888409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3889409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3890409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3891409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3892409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3893409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3894409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3895409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd9d2c0000 'C:\WINDOWS\system32\dsound.dll'
3896409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3897409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3898409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3899409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3900409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'
3901409c.6c44: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdd7260000 'C:\WINDOWS\System32\winmm.dll'

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy