VirtualBox

Ticket #19393: VBoxHardening.log

File VBoxHardening.log, 432.8 KB (added by JMeier12, 5 years ago)

Virtualbox Hardening Logfile

Line 
13668.398c: Log file opened: 6.1.4r136177 g_hStartupLog=0000000000000068 g_uNtVerCombined=0xa03ad700
23668.398c: \SystemRoot\System32\ntdll.dll:
33668.398c: CreationTime: 2017-08-01T00:43:57.703046100Z
43668.398c: LastWriteTime: 2017-08-01T00:43:57.703046100Z
53668.398c: ChangeTime: 2017-08-01T00:44:26.471603700Z
63668.398c: FileAttributes: 0x20
73668.398c: Size: 0x1d7450
83668.398c: NT Headers: 0xe0
93668.398c: Timestamp: 0xa329d3a8
103668.398c: Machine: 0x8664 - amd64
113668.398c: Timestamp: 0xa329d3a8
123668.398c: Image Version: 10.0
133668.398c: SizeOfImage: 0x1db000 (1945600)
143668.398c: Resource Dir: 0x170000 LB 0x69398
153668.398c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
163668.398c: [Raw version resource data: 0x1700f0 LB 0x380, codepage 0x0 (reserved 0x0)]
173668.398c: ProductName: Microsoft® Windows® Operating System
183668.398c: ProductVersion: 10.0.15063.447
193668.398c: FileVersion: 10.0.15063.447 (WinBuild.160101.0800)
203668.398c: FileDescription: NT Layer DLL
213668.398c: \SystemRoot\System32\kernel32.dll:
223668.398c: CreationTime: 2017-08-01T00:43:56.202885500Z
233668.398c: LastWriteTime: 2017-08-01T00:43:56.202885500Z
243668.398c: ChangeTime: 2017-07-31T14:44:56.905246200Z
253668.398c: FileAttributes: 0x20
263668.398c: Size: 0xad068
273668.398c: NT Headers: 0xf8
283668.398c: Timestamp: 0xf5fa43df
293668.398c: Machine: 0x8664 - amd64
303668.398c: Timestamp: 0xf5fa43df
313668.398c: Image Version: 10.0
323668.398c: SizeOfImage: 0xae000 (712704)
333668.398c: Resource Dir: 0xac000 LB 0x520
343668.398c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
353668.398c: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
363668.398c: ProductName: Microsoft® Windows® Operating System
373668.398c: ProductVersion: 10.0.15063.296
383668.398c: FileVersion: 10.0.15063.296 (WinBuild.160101.0800)
393668.398c: FileDescription: Windows NT BASE API Client DLL
403668.398c: \SystemRoot\System32\KernelBase.dll:
413668.398c: CreationTime: 2017-08-01T00:43:57.687419100Z
423668.398c: LastWriteTime: 2017-08-01T00:43:57.687419100Z
433668.398c: ChangeTime: 2017-07-31T14:44:57.003236500Z
443668.398c: FileAttributes: 0x20
453668.398c: Size: 0x249df0
463668.398c: NT Headers: 0x100
473668.398c: Timestamp: 0x30ec82a7
483668.398c: Machine: 0x8664 - amd64
493668.398c: Timestamp: 0x30ec82a7
503668.398c: Image Version: 10.0
513668.398c: SizeOfImage: 0x249000 (2396160)
523668.398c: Resource Dir: 0x22a000 LB 0x548
533668.398c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
543668.398c: [Raw version resource data: 0x22a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
553668.398c: ProductName: Microsoft® Windows® Operating System
563668.398c: ProductVersion: 10.0.15063.447
573668.398c: FileVersion: 10.0.15063.447 (WinBuild.160101.0800)
583668.398c: FileDescription: Windows NT BASE API Client DLL
593668.398c: \SystemRoot\System32\apisetschema.dll:
603668.398c: CreationTime: 2017-03-18T20:57:35.373527900Z
613668.398c: LastWriteTime: 2017-03-18T20:57:35.373527900Z
623668.398c: ChangeTime: 2017-08-01T00:21:55.747676800Z
633668.398c: FileAttributes: 0x20
643668.398c: Size: 0x1ada0
653668.398c: NT Headers: 0xc0
663668.398c: Timestamp: 0x76544b2
673668.398c: Machine: 0x8664 - amd64
683668.398c: Timestamp: 0x76544b2
693668.398c: Image Version: 10.0
703668.398c: SizeOfImage: 0x1b000 (110592)
713668.398c: Resource Dir: 0x1a000 LB 0x408
723668.398c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
733668.398c: [Raw version resource data: 0x1a060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
743668.398c: ProductName: Microsoft® Windows® Operating System
753668.398c: ProductVersion: 10.0.15063.0
763668.398c: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
773668.398c: FileDescription: ApiSet Schema DLL
783668.398c: supR3HardenedWinFindAdversaries: 0x40000
793668.398c: \SystemRoot\System32\drivers\SophosED.sys:
803668.398c: CreationTime: 2017-10-16T10:05:09.802750600Z
813668.398c: LastWriteTime: 2019-07-10T13:16:16.998478700Z
823668.398c: ChangeTime: 2019-07-10T13:16:16.998478700Z
833668.398c: FileAttributes: 0x20
843668.398c: Size: 0xe34f8
853668.398c: NT Headers: 0xf0
863668.398c: Timestamp: 0x5bf40db0
873668.398c: Machine: 0x8664 - amd64
883668.398c: Timestamp: 0x5bf40db0
893668.398c: Image Version: 10.0
903668.398c: SizeOfImage: 0xf2000 (991232)
913668.398c: Resource Dir: 0xea000 LB 0x6480
923668.398c: [Version info resource found at 0x540! (ID/Name: 0x1; SubID/SubName: 0x409)]
933668.398c: [Raw version resource data: 0xea550 LB 0x4b4, codepage 0x0 (reserved 0x0)]
943668.398c: ProductName: Sophos Endpoint Defense
953668.398c: ProductVersion: 2.1.1
963668.398c: FileVersion: 2.1.1.39
973668.398c: FileDescription: Sophos Endpoint Defense Mini-Filter Driver
983668.398c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6'
993668.398c: Calling main()
1003668.398c: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
1013668.398c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6'
1023668.398c: SUPR3HardenedMain: Respawn #1
1033668.398c: System32: \Device\HarddiskVolume3\Windows\System32
1043668.398c: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
1053668.398c: KnownDllPath: C:\Windows\System32
1063668.398c: supR3HardenedWinInit: Performing a limited self purification...
1073668.398c: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
1083668.398c: *0000000000000000-000000000021ffff 0x0001/0x0000 0x0000000
1093668.398c: *0000000000220000-000000000022ffff 0x0004/0x0004 0x0040000
1103668.398c: 0000000000230000-000000000023ffff 0x0001/0x0000 0x0000000
1113668.398c: *0000000000240000-0000000000257fff 0x0002/0x0002 0x0040000
1123668.398c: 0000000000258000-000000000025ffff 0x0001/0x0000 0x0000000
1133668.398c: *0000000000260000-0000000000310fff 0x0000/0x0004 0x0020000
1143668.398c: 0000000000311000-0000000000313fff 0x0104/0x0004 0x0020000
1153668.398c: 0000000000314000-000000000035ffff 0x0004/0x0004 0x0020000
1163668.398c: *0000000000360000-0000000000363fff 0x0002/0x0002 0x0040000
1173668.398c: 0000000000364000-000000000036ffff 0x0001/0x0000 0x0000000
1183668.398c: *0000000000370000-0000000000370fff 0x0004/0x0004 0x0020000
1193668.398c: 0000000000371000-000000000037ffff 0x0001/0x0000 0x0000000
1203668.398c: *0000000000380000-0000000000381fff 0x0004/0x0004 0x0020000
1213668.398c: 0000000000382000-00000000003b1fff 0x0000/0x0004 0x0020000
1223668.398c: 00000000003b2000-00000000003fffff 0x0001/0x0000 0x0000000
1233668.398c: *0000000000400000-00000000005c9fff 0x0000/0x0004 0x0020000
1243668.398c: 00000000005ca000-00000000005ccfff 0x0004/0x0004 0x0020000
1253668.398c: 00000000005cd000-00000000005fffff 0x0000/0x0004 0x0020000
1263668.398c: *0000000000600000-00000000006c4fff 0x0002/0x0002 0x0040000
1273668.398c: 00000000006c5000-00000000006effff 0x0001/0x0000 0x0000000
1283668.398c: *00000000006f0000-00000000006f4fff 0x0004/0x0004 0x0020000
1293668.398c: 00000000006f5000-00000000007effff 0x0000/0x0004 0x0020000
1303668.398c: *00000000007f0000-000000000080cfff 0x0004/0x0004 0x0020000
1313668.398c: 000000000080d000-00000000008effff 0x0000/0x0004 0x0020000
1323668.398c: 00000000008f0000-00000000008fffff 0x0001/0x0000 0x0000000
1333668.398c: *0000000000900000-000000000090efff 0x0004/0x0004 0x0020000
1343668.398c: 000000000090f000-000000000090ffff 0x0000/0x0004 0x0020000
1353668.398c: *0000000000910000-0000000000915fff 0x0000/0x0004 0x0020000
1363668.398c: 0000000000916000-0000000000af1fff 0x0004/0x0004 0x0020000
1373668.398c: 0000000000af2000-0000000000af2fff 0x0000/0x0004 0x0020000
1383668.398c: 0000000000af3000-000000007ffdffff 0x0001/0x0000 0x0000000
1393668.398c: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
1403668.398c: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
1413668.398c: 000000007fff0000-00007ff759c7ffff 0x0001/0x0000 0x0000000
1423668.398c: *00007ff759c80000-00007ff759c84fff 0x0002/0x0002 0x0040000
1433668.398c: 00007ff759c85000-00007ff759d7ffff 0x0000/0x0002 0x0040000
1443668.398c: *00007ff759d80000-00007ff759da2fff 0x0002/0x0002 0x0040000
1453668.398c: 00007ff759da3000-00007ff75a7affff 0x0001/0x0000 0x0000000
1463668.398c: *00007ff75a7b0000-00007ff75a7b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1473668.398c: 00007ff75a7b1000-00007ff75a826fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1483668.398c: 00007ff75a827000-00007ff75a827fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1493668.398c: 00007ff75a828000-00007ff75a86ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1503668.398c: 00007ff75a870000-00007ff75a872fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1513668.398c: 00007ff75a873000-00007ff75a875fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1523668.398c: 00007ff75a876000-00007ff75a878fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1533668.398c: 00007ff75a879000-00007ff75a879fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1543668.398c: 00007ff75a87a000-00007ff75a87bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1553668.398c: 00007ff75a87c000-00007ff75a87cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1563668.398c: 00007ff75a87d000-00007ff75a8c5fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
1573668.398c: 00007ff75a8c6000-00007ffe1fd8ffff 0x0001/0x0000 0x0000000
1583668.398c: *00007ffe1fd90000-00007ffe1fd90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1593668.398c: 00007ffe1fd91000-00007ffe1fe73fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1603668.398c: 00007ffe1fe74000-00007ffe1ffa5fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1613668.398c: 00007ffe1ffa6000-00007ffe1ffa9fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1623668.398c: 00007ffe1ffaa000-00007ffe1ffaafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1633668.398c: 00007ffe1ffab000-00007ffe1ffd8fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
1643668.398c: 00007ffe1ffd9000-00007ffe22e6ffff 0x0001/0x0000 0x0000000
1653668.398c: *00007ffe22e70000-00007ffe22e70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1663668.398c: 00007ffe22e71000-00007ffe22ee3fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1673668.398c: 00007ffe22ee4000-00007ffe22f13fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1683668.398c: 00007ffe22f14000-00007ffe22f14fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1693668.398c: 00007ffe22f15000-00007ffe22f15fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1703668.398c: 00007ffe22f16000-00007ffe22f1dfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1713668.398c: 00007ffe22f1e000-00007ffe2349ffff 0x0001/0x0000 0x0000000
1723668.398c: *00007ffe234a0000-00007ffe234a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1733668.398c: 00007ffe234a1000-00007ffe235affff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1743668.398c: 00007ffe235b0000-00007ffe235f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1753668.398c: 00007ffe235f5000-00007ffe235f5fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1763668.398c: 00007ffe235f6000-00007ffe235f7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1773668.398c: 00007ffe235f8000-00007ffe235fcfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1783668.398c: 00007ffe235fd000-00007ffe2367afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
1793668.398c: 00007ffe2367b000-00007ffffffdffff 0x0001/0x0000 0x0000000
1803668.398c: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
1813668.398c: kernel32.dll: timestamp 0xf5fa43df (rc=VINF_SUCCESS)
1823668.398c: kernelbase.dll: timestamp 0x30ec82a7 (rc=VINF_SUCCESS)
1833668.398c: VirtualBoxVM.exe: timestamp 0x5e4c1d19 (rc=VINF_SUCCESS)
1843668.398c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe' has no imports
1853668.398c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
1863668.398c: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
1873668.398c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe' has no imports
1883668.398c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe)
1893668.398c: supR3HardNtEnableThreadCreationEx:
1903668.398c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffe23519ac0 pvNtTerminateThread=00007ffe23545df0
1913668.398c: supR3HardenedWinDoReSpawn(1): New child 1b80.22f8 [kernel32].
1923668.398c: supR3HardNtChildGatherData: PebBaseAddress=0000000000683000 cbPeb=0x388
1933668.398c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffe234a0000 uNtDllChildAddr=00007ffe234a0000
1943668.398c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffe23519ac0
1953668.398c: supR3HardenedWinSetupChildInit: Initial context:
196 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff75a7b7900 rdx=0000000000683000
197 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
198 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
199 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
200 rip=00007ffe23510d30 rsp=00000000005bf9e8 rbp=0000000000000000 ctxflags=0010001b
201 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
202 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
203 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
204 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
205 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
2063668.398c: supR3HardenedWinSetupChildInit: Start child.
2073668.398c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
2083668.398c: supR3HardNtChildPurify: Startup delay kludge #1/0: 518 ms, 60 sleeps
2093668.398c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
2103668.398c: *0000000000000000-000000000047ffff 0x0001/0x0000 0x0000000
2113668.398c: *0000000000480000-000000000049ffff 0x0004/0x0004 0x0020000
2123668.398c: *00000000004a0000-00000000004b7fff 0x0002/0x0002 0x0040000
2133668.398c: 00000000004b8000-00000000004bffff 0x0001/0x0000 0x0000000
2143668.398c: *00000000004c0000-00000000005bafff 0x0000/0x0004 0x0020000
2153668.398c: 00000000005bb000-00000000005bdfff 0x0104/0x0004 0x0020000
2163668.398c: 00000000005be000-00000000005bffff 0x0004/0x0004 0x0020000
2173668.398c: *00000000005c0000-00000000005c3fff 0x0002/0x0002 0x0040000
2183668.398c: 00000000005c4000-00000000005cffff 0x0001/0x0000 0x0000000
2193668.398c: *00000000005d0000-00000000005d0fff 0x0004/0x0004 0x0020000
2203668.398c: 00000000005d1000-00000000005fffff 0x0001/0x0000 0x0000000
2213668.398c: *0000000000600000-0000000000682fff 0x0000/0x0004 0x0020000
2223668.398c: 0000000000683000-0000000000685fff 0x0004/0x0004 0x0020000
2233668.398c: 0000000000686000-00000000007fffff 0x0000/0x0004 0x0020000
2243668.398c: 0000000000800000-000000007ffdffff 0x0001/0x0000 0x0000000
2253668.398c: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2263668.398c: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
2273668.398c: 000000007fff0000-00007ff759e3ffff 0x0001/0x0000 0x0000000
2283668.398c: *00007ff759e40000-00007ff759e62fff 0x0002/0x0002 0x0040000
2293668.398c: 00007ff759e63000-00007ff75a7affff 0x0001/0x0000 0x0000000
2303668.398c: *00007ff75a7b0000-00007ff75a7b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2313668.398c: 00007ff75a7b1000-00007ff75a826fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2323668.398c: 00007ff75a827000-00007ff75a827fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2333668.398c: 00007ff75a828000-00007ff75a86ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2343668.398c: 00007ff75a870000-00007ff75a870fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2353668.398c: 00007ff75a871000-00007ff75a871fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2363668.398c: 00007ff75a872000-00007ff75a876fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2373668.398c: 00007ff75a877000-00007ff75a877fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2383668.398c: 00007ff75a878000-00007ff75a878fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2393668.398c: 00007ff75a879000-00007ff75a87cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2403668.398c: 00007ff75a87d000-00007ff75a8c5fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2413668.398c: 00007ff75a8c6000-00007ffe2349ffff 0x0001/0x0000 0x0000000
2423668.398c: *00007ffe234a0000-00007ffe234a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2433668.398c: 00007ffe234a1000-00007ffe235affff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2443668.398c: 00007ffe235b0000-00007ffe235f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2453668.398c: 00007ffe235f5000-00007ffe235fcfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2463668.398c: 00007ffe235fd000-00007ffe2360afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2473668.398c: 00007ffe2360b000-00007ffe2360bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2483668.398c: 00007ffe2360c000-00007ffe2360efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2493668.398c: 00007ffe2360f000-00007ffe2367afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2503668.398c: 00007ffe2367b000-00007ffffffdffff 0x0001/0x0000 0x0000000
2513668.398c: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
2523668.398c: supR3HardNtChildPurify: Done after 520 ms and 0 fixes (loop #0).
2531b80.22f8: Log file opened: 6.1.4r136177 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03ad700
2541b80.22f8: supR3HardenedVmProcessInit: uNtDllAddr=00007ffe234a0000 g_uNtVerCombined=0xa03ad700 (stack ~00000000005bf498)
2551b80.22f8: ntdll.dll: timestamp 0xa329d3a8 (rc=VINF_SUCCESS)
2561b80.22f8: New simple heap: #1 0000000000900000 LB 0x400000 (for 1945600 allocation)
2573668.398c: supR3HardNtEnableThreadCreationEx:
2581b80.22f8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6'
2591b80.22f8: System32: \Device\HarddiskVolume3\Windows\System32
2601b80.22f8: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
2611b80.22f8: KnownDllPath: C:\Windows\System32
2621b80.22f8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2631b80.22f8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2641b80.22f8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2651b80.22f8: Registered Dll notification callback with NTDLL.
2661b80.22f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
2671b80.22f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2681b80.22f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
2691b80.22f8: supR3HardenedDllNotificationCallback: load 00007ffe1fd90000 LB 0x00249000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
2701b80.22f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
2711b80.22f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2721b80.22f8: supR3HardenedDllNotificationCallback: load 00007ffe22e70000 LB 0x000ae000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
2731b80.22f8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2741b80.22f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22e70000 'C:\Windows\System32\KERNEL32.DLL'
2751b80.22f8: supR3HardenedDllNotificationCallback: load 00007ff75a7b0000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe [fFlags=0x0]
2761b80.22f8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe' has no imports
2771b80.22f8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe)
2781b80.22f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
2791b80.22f8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffe23519ac0 pvNtTerminateThread=00007ffe23545df0
2803668.398c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 69 ms.
2811b80.22f8: \SystemRoot\System32\ntdll.dll:
2821b80.22f8: CreationTime: 2017-08-01T00:43:57.703046100Z
2831b80.22f8: LastWriteTime: 2017-08-01T00:43:57.703046100Z
2841b80.22f8: ChangeTime: 2017-08-01T00:44:26.471603700Z
2851b80.22f8: FileAttributes: 0x20
2861b80.22f8: Size: 0x1d7450
2871b80.22f8: NT Headers: 0xe0
2881b80.22f8: Timestamp: 0xa329d3a8
2891b80.22f8: Machine: 0x8664 - amd64
2901b80.22f8: Timestamp: 0xa329d3a8
2911b80.22f8: Image Version: 10.0
2921b80.22f8: SizeOfImage: 0x1db000 (1945600)
2931b80.22f8: Resource Dir: 0x170000 LB 0x69398
2941b80.22f8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
2951b80.22f8: [Raw version resource data: 0x1700f0 LB 0x380, codepage 0x0 (reserved 0x0)]
2961b80.22f8: ProductName: Microsoft® Windows® Operating System
2971b80.22f8: ProductVersion: 10.0.15063.447
2981b80.22f8: FileVersion: 10.0.15063.447 (WinBuild.160101.0800)
2991b80.22f8: FileDescription: NT Layer DLL
3001b80.22f8: \SystemRoot\System32\kernel32.dll:
3011b80.22f8: CreationTime: 2017-08-01T00:43:56.202885500Z
3021b80.22f8: LastWriteTime: 2017-08-01T00:43:56.202885500Z
3031b80.22f8: ChangeTime: 2017-07-31T14:44:56.905246200Z
3041b80.22f8: FileAttributes: 0x20
3051b80.22f8: Size: 0xad068
3061b80.22f8: NT Headers: 0xf8
3071b80.22f8: Timestamp: 0xf5fa43df
3081b80.22f8: Machine: 0x8664 - amd64
3091b80.22f8: Timestamp: 0xf5fa43df
3101b80.22f8: Image Version: 10.0
3111b80.22f8: SizeOfImage: 0xae000 (712704)
3121b80.22f8: Resource Dir: 0xac000 LB 0x520
3131b80.22f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3141b80.22f8: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3151b80.22f8: ProductName: Microsoft® Windows® Operating System
3161b80.22f8: ProductVersion: 10.0.15063.296
3171b80.22f8: FileVersion: 10.0.15063.296 (WinBuild.160101.0800)
3181b80.22f8: FileDescription: Windows NT BASE API Client DLL
3191b80.22f8: \SystemRoot\System32\KernelBase.dll:
3201b80.22f8: CreationTime: 2017-08-01T00:43:57.687419100Z
3211b80.22f8: LastWriteTime: 2017-08-01T00:43:57.687419100Z
3221b80.22f8: ChangeTime: 2017-07-31T14:44:57.003236500Z
3231b80.22f8: FileAttributes: 0x20
3241b80.22f8: Size: 0x249df0
3251b80.22f8: NT Headers: 0x100
3261b80.22f8: Timestamp: 0x30ec82a7
3271b80.22f8: Machine: 0x8664 - amd64
3281b80.22f8: Timestamp: 0x30ec82a7
3291b80.22f8: Image Version: 10.0
3301b80.22f8: SizeOfImage: 0x249000 (2396160)
3311b80.22f8: Resource Dir: 0x22a000 LB 0x548
3321b80.22f8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3331b80.22f8: [Raw version resource data: 0x22a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
3341b80.22f8: ProductName: Microsoft® Windows® Operating System
3351b80.22f8: ProductVersion: 10.0.15063.447
3361b80.22f8: FileVersion: 10.0.15063.447 (WinBuild.160101.0800)
3371b80.22f8: FileDescription: Windows NT BASE API Client DLL
3381b80.22f8: \SystemRoot\System32\apisetschema.dll:
3391b80.22f8: CreationTime: 2017-03-18T20:57:35.373527900Z
3401b80.22f8: LastWriteTime: 2017-03-18T20:57:35.373527900Z
3411b80.22f8: ChangeTime: 2017-08-01T00:21:55.747676800Z
3421b80.22f8: FileAttributes: 0x20
3431b80.22f8: Size: 0x1ada0
3441b80.22f8: NT Headers: 0xc0
3451b80.22f8: Timestamp: 0x76544b2
3461b80.22f8: Machine: 0x8664 - amd64
3471b80.22f8: Timestamp: 0x76544b2
3481b80.22f8: Image Version: 10.0
3491b80.22f8: SizeOfImage: 0x1b000 (110592)
3501b80.22f8: Resource Dir: 0x1a000 LB 0x408
3511b80.22f8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
3521b80.22f8: [Raw version resource data: 0x1a060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
3531b80.22f8: ProductName: Microsoft® Windows® Operating System
3541b80.22f8: ProductVersion: 10.0.15063.0
3551b80.22f8: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
3561b80.22f8: FileDescription: ApiSet Schema DLL
3571b80.22f8: supR3HardenedWinFindAdversaries: 0x40000
3581b80.22f8: \SystemRoot\System32\drivers\SophosED.sys:
3591b80.22f8: CreationTime: 2017-10-16T10:05:09.802750600Z
3601b80.22f8: LastWriteTime: 2019-07-10T13:16:16.998478700Z
3611b80.22f8: ChangeTime: 2019-07-10T13:16:16.998478700Z
3621b80.22f8: FileAttributes: 0x20
3631b80.22f8: Size: 0xe34f8
3641b80.22f8: NT Headers: 0xf0
3651b80.22f8: Timestamp: 0x5bf40db0
3661b80.22f8: Machine: 0x8664 - amd64
3671b80.22f8: Timestamp: 0x5bf40db0
3681b80.22f8: Image Version: 10.0
3691b80.22f8: SizeOfImage: 0xf2000 (991232)
3701b80.22f8: Resource Dir: 0xea000 LB 0x6480
3711b80.22f8: [Version info resource found at 0x540! (ID/Name: 0x1; SubID/SubName: 0x409)]
3721b80.22f8: [Raw version resource data: 0xea550 LB 0x4b4, codepage 0x0 (reserved 0x0)]
3731b80.22f8: ProductName: Sophos Endpoint Defense
3741b80.22f8: ProductVersion: 2.1.1
3751b80.22f8: FileVersion: 2.1.1.39
3761b80.22f8: FileDescription: Sophos Endpoint Defense Mini-Filter Driver
3771b80.22f8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6'
3781b80.22f8: Calling main()
3791b80.22f8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
3801b80.22f8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6'
3811b80.22f8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe' has no imports
3821b80.22f8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe)
3831b80.22f8: SUPR3HardenedMain: Respawn #2
3841b80.22f8: supR3HardNtEnableThreadCreationEx:
3851b80.22f8: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
3861b80.22f8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
3871b80.22f8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3881b80.22f8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3891b80.22f8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe234a0000 'C:\Windows\System32\ntdll.dll'
3901b80.22f8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffe23519ac0 pvNtTerminateThread=00007ffe23545df0
3911b80.22f8: supR3HardenedWinDoReSpawn(2): New child 2fe8.c10 [kernel32].
3921b80.22f8: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
3931b80.22f8: supR3HardNtChildGatherData: PebBaseAddress=0000000001032000 cbPeb=0x388
3941b80.22f8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffe234a0000 uNtDllChildAddr=00007ffe234a0000
3951b80.22f8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffe23519ac0
3961b80.22f8: supR3HardenedWinSetupChildInit: Initial context:
397 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff75a7b7900 rdx=0000000001032000
398 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
399 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
400 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
401 rip=00007ffe23510d30 rsp=00000000012ffc68 rbp=0000000000000000 ctxflags=0010001b
402 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
403 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
404 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
405 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
406 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
4071b80.22f8: kernel32.dll: timestamp 0xf5fa43df (rc=VINF_SUCCESS)
4081b80.22f8: supR3HardenedWinSetupChildInit: Start child.
4091b80.22f8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 2 ms.
4101b80.22f8: supR3HardNtChildPurify: Startup delay kludge #1/0: 514 ms, 60 sleeps
4111b80.22f8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
4121b80.22f8: *0000000000000000-0000000000edffff 0x0001/0x0000 0x0000000
4131b80.22f8: *0000000000ee0000-0000000000efffff 0x0004/0x0004 0x0020000
4141b80.22f8: *0000000000f00000-0000000000f17fff 0x0002/0x0002 0x0040000
4151b80.22f8: 0000000000f18000-0000000000f1ffff 0x0001/0x0000 0x0000000
4161b80.22f8: *0000000000f20000-0000000000f23fff 0x0002/0x0002 0x0040000
4171b80.22f8: 0000000000f24000-0000000000f2ffff 0x0001/0x0000 0x0000000
4181b80.22f8: *0000000000f30000-0000000000f30fff 0x0004/0x0004 0x0020000
4191b80.22f8: 0000000000f31000-0000000000ffffff 0x0001/0x0000 0x0000000
4201b80.22f8: *0000000001000000-0000000001031fff 0x0000/0x0004 0x0020000
4211b80.22f8: 0000000001032000-0000000001034fff 0x0004/0x0004 0x0020000
4221b80.22f8: 0000000001035000-00000000011fffff 0x0000/0x0004 0x0020000
4231b80.22f8: *0000000001200000-00000000012fafff 0x0000/0x0004 0x0020000
4241b80.22f8: 00000000012fb000-00000000012fdfff 0x0104/0x0004 0x0020000
4251b80.22f8: 00000000012fe000-00000000012fffff 0x0004/0x0004 0x0020000
4261b80.22f8: 0000000001300000-000000007ffdffff 0x0001/0x0000 0x0000000
4271b80.22f8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
4281b80.22f8: *000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
4291b80.22f8: 000000007fff0000-00007ff75a4affff 0x0001/0x0000 0x0000000
4301b80.22f8: *00007ff75a4b0000-00007ff75a4d2fff 0x0002/0x0002 0x0040000
4311b80.22f8: 00007ff75a4d3000-00007ff75a7affff 0x0001/0x0000 0x0000000
4321b80.22f8: *00007ff75a7b0000-00007ff75a7b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4331b80.22f8: 00007ff75a7b1000-00007ff75a826fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4341b80.22f8: 00007ff75a827000-00007ff75a827fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4351b80.22f8: 00007ff75a828000-00007ff75a86ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4361b80.22f8: 00007ff75a870000-00007ff75a870fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4371b80.22f8: 00007ff75a871000-00007ff75a871fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4381b80.22f8: 00007ff75a872000-00007ff75a876fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4391b80.22f8: 00007ff75a877000-00007ff75a877fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4401b80.22f8: 00007ff75a878000-00007ff75a878fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4411b80.22f8: 00007ff75a879000-00007ff75a87cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4421b80.22f8: 00007ff75a87d000-00007ff75a8c5fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4431b80.22f8: 00007ff75a8c6000-00007ffe2349ffff 0x0001/0x0000 0x0000000
4441b80.22f8: *00007ffe234a0000-00007ffe234a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4451b80.22f8: 00007ffe234a1000-00007ffe235affff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4461b80.22f8: 00007ffe235b0000-00007ffe235f4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4471b80.22f8: 00007ffe235f5000-00007ffe235fcfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4481b80.22f8: 00007ffe235fd000-00007ffe2360afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4491b80.22f8: 00007ffe2360b000-00007ffe2360bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4501b80.22f8: 00007ffe2360c000-00007ffe2360efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4511b80.22f8: 00007ffe2360f000-00007ffe2367afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
4521b80.22f8: 00007ffe2367b000-00007ffffffdffff 0x0001/0x0000 0x0000000
4531b80.22f8: *00007ffffffe0000-00007ffffffeffff 0x0001/0x0002 0x0020000
4541b80.22f8: VirtualBoxVM.exe: timestamp 0x5e4c1d19 (rc=VINF_SUCCESS)
4551b80.22f8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe' has no imports
4561b80.22f8: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
4571b80.22f8: supR3HardNtChildPurify: Done after 541 ms and 0 fixes (loop #0).
4582fe8.c10: Log file opened: 6.1.4r136177 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa03ad700
4592fe8.c10: supR3HardenedVmProcessInit: uNtDllAddr=00007ffe234a0000 g_uNtVerCombined=0xa03ad700 (stack ~00000000012ff718)
4602fe8.c10: ntdll.dll: timestamp 0xa329d3a8 (rc=VINF_SUCCESS)
4612fe8.c10: New simple heap: #1 0000000001400000 LB 0x400000 (for 1945600 allocation)
4621b80.22f8: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000900000 LB 0x400000)
4631b80.22f8: supR3HardNtEnableThreadCreationEx:
4642fe8.c10: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6'
4652fe8.c10: System32: \Device\HarddiskVolume3\Windows\System32
4662fe8.c10: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
4672fe8.c10: KnownDllPath: C:\Windows\System32
4682fe8.c10: supR3HardenedVmProcessInit: Opening vboxdrv...
4692fe8.c10: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
4702fe8.c10: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
4712fe8.c10: Registered Dll notification callback with NTDLL.
4722fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
4732fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
4742fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
4752fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1fd90000 LB 0x00249000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
4762fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
4772fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
4782fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe22e70000 LB 0x000ae000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
4792fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
4802fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22e70000 'C:\Windows\System32\KERNEL32.DLL'
4812fe8.c10: supR3HardenedDllNotificationCallback: load 00007ff75a7b0000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe [fFlags=0x0]
4822fe8.c10: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe' has no imports
4832fe8.c10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe)
4842fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe
4852fe8.c10: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffe23519ac0 pvNtTerminateThread=00007ffe23545df0
4861b80.22f8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 76 ms.
4872fe8.c10: \SystemRoot\System32\ntdll.dll:
4882fe8.c10: CreationTime: 2017-08-01T00:43:57.703046100Z
4892fe8.c10: LastWriteTime: 2017-08-01T00:43:57.703046100Z
4902fe8.c10: ChangeTime: 2017-08-01T00:44:26.471603700Z
4912fe8.c10: FileAttributes: 0x20
4922fe8.c10: Size: 0x1d7450
4932fe8.c10: NT Headers: 0xe0
4942fe8.c10: Timestamp: 0xa329d3a8
4952fe8.c10: Machine: 0x8664 - amd64
4962fe8.c10: Timestamp: 0xa329d3a8
4972fe8.c10: Image Version: 10.0
4982fe8.c10: SizeOfImage: 0x1db000 (1945600)
4992fe8.c10: Resource Dir: 0x170000 LB 0x69398
5002fe8.c10: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
5012fe8.c10: [Raw version resource data: 0x1700f0 LB 0x380, codepage 0x0 (reserved 0x0)]
5022fe8.c10: ProductName: Microsoft® Windows® Operating System
5032fe8.c10: ProductVersion: 10.0.15063.447
5042fe8.c10: FileVersion: 10.0.15063.447 (WinBuild.160101.0800)
5052fe8.c10: FileDescription: NT Layer DLL
5062fe8.c10: \SystemRoot\System32\kernel32.dll:
5072fe8.c10: CreationTime: 2017-08-01T00:43:56.202885500Z
5082fe8.c10: LastWriteTime: 2017-08-01T00:43:56.202885500Z
5092fe8.c10: ChangeTime: 2017-07-31T14:44:56.905246200Z
5102fe8.c10: FileAttributes: 0x20
5112fe8.c10: Size: 0xad068
5122fe8.c10: NT Headers: 0xf8
5132fe8.c10: Timestamp: 0xf5fa43df
5142fe8.c10: Machine: 0x8664 - amd64
5152fe8.c10: Timestamp: 0xf5fa43df
5162fe8.c10: Image Version: 10.0
5172fe8.c10: SizeOfImage: 0xae000 (712704)
5182fe8.c10: Resource Dir: 0xac000 LB 0x520
5192fe8.c10: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5202fe8.c10: [Raw version resource data: 0xac0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
5212fe8.c10: ProductName: Microsoft® Windows® Operating System
5222fe8.c10: ProductVersion: 10.0.15063.296
5232fe8.c10: FileVersion: 10.0.15063.296 (WinBuild.160101.0800)
5242fe8.c10: FileDescription: Windows NT BASE API Client DLL
5252fe8.c10: \SystemRoot\System32\KernelBase.dll:
5262fe8.c10: CreationTime: 2017-08-01T00:43:57.687419100Z
5272fe8.c10: LastWriteTime: 2017-08-01T00:43:57.687419100Z
5282fe8.c10: ChangeTime: 2017-07-31T14:44:57.003236500Z
5292fe8.c10: FileAttributes: 0x20
5302fe8.c10: Size: 0x249df0
5312fe8.c10: NT Headers: 0x100
5322fe8.c10: Timestamp: 0x30ec82a7
5332fe8.c10: Machine: 0x8664 - amd64
5342fe8.c10: Timestamp: 0x30ec82a7
5352fe8.c10: Image Version: 10.0
5362fe8.c10: SizeOfImage: 0x249000 (2396160)
5372fe8.c10: Resource Dir: 0x22a000 LB 0x548
5382fe8.c10: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5392fe8.c10: [Raw version resource data: 0x22a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5402fe8.c10: ProductName: Microsoft® Windows® Operating System
5412fe8.c10: ProductVersion: 10.0.15063.447
5422fe8.c10: FileVersion: 10.0.15063.447 (WinBuild.160101.0800)
5432fe8.c10: FileDescription: Windows NT BASE API Client DLL
5442fe8.c10: \SystemRoot\System32\apisetschema.dll:
5452fe8.c10: CreationTime: 2017-03-18T20:57:35.373527900Z
5462fe8.c10: LastWriteTime: 2017-03-18T20:57:35.373527900Z
5472fe8.c10: ChangeTime: 2017-08-01T00:21:55.747676800Z
5482fe8.c10: FileAttributes: 0x20
5492fe8.c10: Size: 0x1ada0
5502fe8.c10: NT Headers: 0xc0
5512fe8.c10: Timestamp: 0x76544b2
5522fe8.c10: Machine: 0x8664 - amd64
5532fe8.c10: Timestamp: 0x76544b2
5542fe8.c10: Image Version: 10.0
5552fe8.c10: SizeOfImage: 0x1b000 (110592)
5562fe8.c10: Resource Dir: 0x1a000 LB 0x408
5572fe8.c10: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5582fe8.c10: [Raw version resource data: 0x1a060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
5592fe8.c10: ProductName: Microsoft® Windows® Operating System
5602fe8.c10: ProductVersion: 10.0.15063.0
5612fe8.c10: FileVersion: 10.0.15063.0 (WinBuild.160101.0800)
5622fe8.c10: FileDescription: ApiSet Schema DLL
5632fe8.c10: supR3HardenedWinFindAdversaries: 0x40000
5642fe8.c10: \SystemRoot\System32\drivers\SophosED.sys:
5652fe8.c10: CreationTime: 2017-10-16T10:05:09.802750600Z
5662fe8.c10: LastWriteTime: 2019-07-10T13:16:16.998478700Z
5672fe8.c10: ChangeTime: 2019-07-10T13:16:16.998478700Z
5682fe8.c10: FileAttributes: 0x20
5692fe8.c10: Size: 0xe34f8
5702fe8.c10: NT Headers: 0xf0
5712fe8.c10: Timestamp: 0x5bf40db0
5722fe8.c10: Machine: 0x8664 - amd64
5732fe8.c10: Timestamp: 0x5bf40db0
5742fe8.c10: Image Version: 10.0
5752fe8.c10: SizeOfImage: 0xf2000 (991232)
5762fe8.c10: Resource Dir: 0xea000 LB 0x6480
5772fe8.c10: [Version info resource found at 0x540! (ID/Name: 0x1; SubID/SubName: 0x409)]
5782fe8.c10: [Raw version resource data: 0xea550 LB 0x4b4, codepage 0x0 (reserved 0x0)]
5792fe8.c10: ProductName: Sophos Endpoint Defense
5802fe8.c10: ProductVersion: 2.1.1
5812fe8.c10: FileVersion: 2.1.1.39
5822fe8.c10: FileDescription: Sophos Endpoint Defense Mini-Filter Driver
5832fe8.c10: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6'
5842fe8.c10: Calling main()
5852fe8.c10: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
5862fe8.c10: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6'
5872fe8.c10: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe' has no imports
5882fe8.c10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe)
5892fe8.c10: SUPR3HardenedMain: Final process, opening VBoxDrv...
5902fe8.c10: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001400000 LB 0x400000)
5912fe8.c10: supR3HardNtEnableThreadCreationEx:
5922fe8.c10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSupLib.dll)
5932fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSupLib.dll
5942fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5952fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSupLib.dll [lacks WinVerifyTrust]
5962fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1a610000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox6\VBoxSupLib.DLL [fFlags=0x0]
5972fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSupLib.dll [lacks WinVerifyTrust]
5982fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSupLib.dll [lacks WinVerifyTrust]
5992fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6002fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1a610000 'C:\Program Files\Oracle\VirtualBox6\VBoxSupLib.DLL'
6012fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSupLib.dll [lacks WinVerifyTrust]
6022fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6032fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1a610000 'C:\Program Files\Oracle\VirtualBox6\VBoxSupLib.DLL'
6042fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1a610000 'C:\Program Files\Oracle\VirtualBox6\VBoxSupLib.DLL'
6052fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6062fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
6072fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
6082fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
6092fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
6102fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
6112fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6122fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6132fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
6142fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
6152fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
6162fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
6172fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'msasn1.dll'.
6182fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
6192fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
6202fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
6212fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
6222fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
6232fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
6242fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6252fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6262fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
6272fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
6282fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
6292fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
6302fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6312fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6322fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe23030000 LB 0x0009d000 C:\Windows\System32\msvcrt.dll [fFlags=0x0]
6332fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6342fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f930000 LB 0x00011000 C:\Windows\System32\MSASN1.dll [fFlags=0x0]
6352fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6362fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1ffe0000 LB 0x000f6000 C:\Windows\System32\ucrtbase.dll [fFlags=0x0]
6372fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll)
6382fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll
6392fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1fbc0000 LB 0x001c9000 C:\Windows\System32\CRYPT32.dll [fFlags=0x0]
6402fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6412fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe23370000 LB 0x00125000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
6422fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6432fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe23200000 LB 0x00059000 C:\Windows\System32\sechost.dll [fFlags=0x0]
6442fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
6452fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
6462fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
6472fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe213f0000 LB 0x000a1000 C:\Windows\System32\advapi32.dll [fFlags=0x0]
6482fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6492fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
6502fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
6512fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
6522fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
6532fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe20930000 LB 0x00056000 C:\Windows\System32\Wintrust.dll [fFlags=0x0]
6542fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6552fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
6562fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6572fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
6582fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
6592fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6602fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
6612fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
6622fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6632fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
6642fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
6652fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6662fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
6672fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
6682fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6692fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-l1-2-1'
6702fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\system32\Wintrust.dll'
6712fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
6722fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
6732fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6742fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6752fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6762fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
6772fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
6782fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
6792fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6802fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6812fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6822fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6832fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6842fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6852fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6862fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6872fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f4d0000 LB 0x00025000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
6882fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6892fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f4d0000 'C:\Windows\system32\bcrypt.dll'
6902fe8.c10: bcrypt.dll loaded at 00007ffe1f4d0000, BCryptOpenAlgorithmProvider at 00007ffe1f4d4aa0, preloading providers:
6912fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
6922fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
6932fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6942fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f9c0000 LB 0x0006a000 C:\Windows\System32\bcryptprimitives.dll [fFlags=0x0]
6952fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6962fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f9c0000 'C:\Windows\system32\bcryptprimitives.dll'
6972fe8.c10: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000019dd8f0)
6982fe8.c10: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000019e04d0)
6992fe8.c10: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000019e07a0)
7002fe8.c10: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000019e0a70)
7012fe8.c10: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000019e0d40)
7022fe8.c10: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000019e1010)
7032fe8.c10: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000019e12e0)
7042fe8.c10: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000019e15b0)
7052fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7062fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7072fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
7082fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7092fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7102fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
7112fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7122fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7132fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
7142fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7152fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7162fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
7172fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7182fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7192fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
7202fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7212fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7222fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
7232fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7242fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7252fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
7262fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
7272fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
7282fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f3d0000 LB 0x00017000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
7292fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
7302fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'bcrypt.dll'.
7312fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
7322fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
7332fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
7342fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
7352fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7362fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7372fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7382fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1ee50000 LB 0x00034000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
7392fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7402fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
7412fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
7422fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
7432fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
7442fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f3c0000 LB 0x0000b000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
7452fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
7462fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
7472fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
7482fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
7492fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
7502fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7512fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22e70000 'C:\Windows\System32\kernel32.dll'
7522fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7532fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
7542fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7552fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7562fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\CRYPT32.dll'
7572fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe214a0000 LB 0x0001d000 C:\Windows\System32\imagehlp.dll [fFlags=0x0]
7582fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
7592fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
7602fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7612fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7622fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
7632fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
7642fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
7652fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'crypt32.dll'.
7662fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'bcrypt.dll'.
7672fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'ncrypt.dll'.
7682fe8.c10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ngcrecovery.dll)
7692fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ngcrecovery.dll
7702fe8.c10: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000001d8 (hFile=00000000000001cc) with 0xc0000022 -> STATUS_TRUST_FAILURE
7712fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7722fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
7732fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
7742fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
7752fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1e700000 LB 0x00022000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
7762fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7772fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f910000 LB 0x00015000 C:\Windows\System32\profapi.dll [fFlags=0x0]
7782fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
7792fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
7802fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7812fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
7822fe8.c10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
7832fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
7842fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7852fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7862fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7872fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7882fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7892fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7902fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7912fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7922fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7932fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7942fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7952fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7962fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ncrypt.dll'...
7972fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ncrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\ncrypt.dll' [rcNtRedir=0xc0150008]
7982fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcrypt.dll'.
7992fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ntasn1.dll'.
8002fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ncrypt.dll)
8012fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ncrypt.dll
8022fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
8032fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
8042fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
8052fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
8062fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
8072fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8082fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8092fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8102fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8112fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
8122fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
8132fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll)
8142fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
8152fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntasn1.dll'...
8162fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\ntasn1.dll' [rcNtRedir=0xc0150008]
8172fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntasn1.dll)
8182fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntasn1.dll
8192fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
8202fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
8212fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
8222fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8232fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8242fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1b420000 LB 0x0002f000 C:\Windows\System32\cryptnet.dll [fFlags=0x0]
8252fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8262fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8272fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8282fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8292fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8302fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8312fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8322fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8332fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8342fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8352fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8362fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8372fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8382fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8392fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8402fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8412fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8422fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8432fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8442fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8452fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8462fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8472fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8482fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8492fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8502fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8512fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8522fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8532fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8542fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8552fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8562fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
8572fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8582fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8592fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
8602fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8612fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8622fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
8632fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
8642fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000001a52e30
8652fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
8662fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8B20614B43CC15BF412F46E920338E687B9EB4BD
8672fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8682fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8692fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23370000 'C:\Windows\System32\rpcrt4.dll'
8702fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8712fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
8722fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8732fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
8742fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8752fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
8762fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8772fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
8782fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8792fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
8802fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8812fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
8822fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
8832fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8842fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
8852fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8862fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8872fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
8882fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8892fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8902fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
8912fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1097_for_KB4022716~31bf3856ad364e35~amd64~~10.0.1.5.cat'; file='\SystemRoot\System32\ntdll.dll'
8922fe8.c10: g_pfnWinVerifyTrust=00007ffe2093d3e0
8932fe8.c10: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
8942fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8952fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8962fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
8972fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8982fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8992fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9002fe8.c10: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
9012fe8.c10: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
9022fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9032fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9042fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9052fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9062fe8.c10: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
9072fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9082fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9092fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9102fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9112fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ntasn1.dll'
9122fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9132fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9142fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9152fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'
9162fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9172fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9182fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9192fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ncrypt.dll'
9202fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000370 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll
9212fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
9222fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
9232fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=30DAE41220776EDDC1F05DDBB10EE8379CC41546
9242fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9252fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9262fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9272fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-onecore-Package~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
9282fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9292fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
9302fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9312fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9322fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9332fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
9342fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9352fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9362fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9372fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
9382fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001d4 pwszName=\Device\HarddiskVolume3\Windows\System32\ngcrecovery.dll
9392fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
9402fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
9412fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6FF31F66ACC1741364CE15D70DCEA891F87E6083
9422fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9432fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9442fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
9452fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9462fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9472fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-Security-Ngc-Package~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\ngcrecovery.dll'
9482fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
9492fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ngcrecovery.dll'
9502fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9512fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9522fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9532fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
9542fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9552fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9562fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9572fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9582fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
9592fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9602fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9612fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9622fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
9632fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9642fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9652fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
9662fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9672fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9682fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
9692fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9702fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9712fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
9722fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9732fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9742fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
9752fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9762fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9772fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
9782fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9792fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9802fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll'
9812fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9822fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9832fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
9842fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9852fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9862fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
9872fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9882fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9892fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
9902fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9912fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSupLib.dll'
9922fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9932fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.exe'
9942fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9952fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9962fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
9972fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
9982fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
9992fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
10002fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\system32\crypt32.dll'
10012fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
10022fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
10032fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
10042fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
10052fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
10062fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
10072fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
10082fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
10092fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
10102fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
10112fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
10122fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
10132fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
10142fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
10152fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
10162fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
10172fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
10182fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
10192fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
10202fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x1591b8ac8dcabd00 C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
10212fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
10222fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
10232fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
10242fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
10252fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
10262fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
10272fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
10282fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
10292fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
10302fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
10312fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
10322fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
10332fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
10342fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
10352fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
10362fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
10372fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
10382fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
10392fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
10402fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
10412fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
10422fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
10432fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
10442fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0x6a171173915e900 CN=contech-SBS2011-CA
10452fe8.c10: supR3HardenedWinIsDesiredRootCA: Adding 0xaea4c0ae7368a800 CN=contech-SBS2011-CA
10462fe8.c10: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=45
10472fe8.c10: SUPR3HardenedMain: Load Runtime...
10482fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
10492fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
10502fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
10512fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
10522fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
10532fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll) WinVerifyTrust
10542fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
10552fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
10562fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
10572fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
10582fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10592fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
10602fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
10612fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10622fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
10632fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
10642fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
10652fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
10662fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10672fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10682fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
10692fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
10702fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
10712fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10722fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10732fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
10742fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
10752fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
10762fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll) WinVerifyTrust
10772fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
10782fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10792fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
10802fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10812fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
10822fe8.c10: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
10832fe8.c10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll)
10842fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll
10852fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
10862fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll) WinVerifyTrust
10872fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
10882fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
10892fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll [avoiding WinVerifyTrust]
10902fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
10912fe8.c10: supR3HardenedDllNotificationCallback: load 0000000054c40000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox6\MSVCR100.dll [fFlags=0x0]
10922fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll [avoiding WinVerifyTrust]
10932fe8.c10: supR3HardenedDllNotificationCallback: load 00000000540c0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox6\MSVCP100.dll [fFlags=0x0]
10942fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
10952fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe214c0000 LB 0x0006c000 C:\Windows\System32\WS2_32.dll [fFlags=0x0]
10962fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
10972fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffdf5df0000 LB 0x005ed000 C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll [fFlags=0x0]
10982fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
10992fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11002fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11012fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
11022fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11032fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11042fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11052fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11062fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11072fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11082fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
11092fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11102fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11112fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11122fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11132fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11142fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11152fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
11162fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11172fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11182fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11192fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11202fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11212fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11222fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
11232fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11242fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11252fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11262fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11272fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11282fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11292fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
11302fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11312fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11322fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11332fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11342fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11352fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11362fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
11372fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11382fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11392fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11402fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11412fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11422fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11432fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11442fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11452fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11462fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11472fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11482fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11492fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11502fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11512fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11522fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11532fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11542fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11552fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11562fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11572fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11582fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11592fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11602fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11612fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11622fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11632fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11642fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11652fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11662fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11672fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11682fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11692fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11702fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11712fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11722fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11732fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11742fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11752fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11762fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11772fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11782fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
11792fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11802fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11812fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11822fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11832fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11842fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11852fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11862fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11872fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11882fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11892fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11902fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11912fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11922fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11932fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11942fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11952fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
11962fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11972fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
11982fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
11992fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12002fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12012fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12022fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12032fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12042fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12052fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12062fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12072fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12082fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12092fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12102fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12112fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12122fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12132fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12142fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12152fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12162fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12172fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12182fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12192fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12202fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12212fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12222fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12232fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12242fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12252fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12262fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12272fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12282fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12292fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12302fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12312fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12322fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12332fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12342fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12352fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12362fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12372fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12382fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12392fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12402fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12412fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12422fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12432fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12442fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12452fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12462fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12472fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12482fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12492fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12502fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12512fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12522fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12532fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12542fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12552fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12562fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12572fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12582fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12592fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12602fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxRT.dll
12612fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12622fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12632fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12642fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12652fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12662fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12672fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12682fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12692fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12702fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12712fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12722fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12732fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'.
12742fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rescheduled]
12752fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5df0000 'C:\Program Files\Oracle\VirtualBox6\VBoxRT.dll'
12762fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
12772fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll'
12782fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\system32\Wintrust.dll'
12792fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
12802fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
12812fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
12822fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
12832fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\system32\crypt32.dll'
12842fe8.c10: SUPR3HardenedMain: Load TrustedMain...
12852fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
12862fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
12872fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
12882fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
12892fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
12902fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
12912fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
12922fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
12932fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
12942fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
12952fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
12962fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
12972fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
12982fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
12992fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.dll) WinVerifyTrust
13002fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.dll
13012fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
13022fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
13032fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
13042fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
13052fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
13062fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
13072fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) WinVerifyTrust
13082fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
13092fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
13102fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
13112fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13122fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13132fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
13142fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
13152fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
13162fe8.c10: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
13172fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13182fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
13192fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
13202fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13212fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13222fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
13232fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
13242fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
13252fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
13262fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
13272fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
13282fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
13292fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
13302fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13312fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13322fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13332fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13342fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
13352fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
13362fe8.c10: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
13372fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
13382fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'bcryptprimitives.dll'.
13392fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
13402fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
13412fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
13422fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
13432fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
13442fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
13452fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
13462fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
13472fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13482fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13492fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
13502fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
13512fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'rpcrt4.dll'.
13522fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'gdi32.dll'.
13532fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'user32.dll'.
13542fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'combase.dll'.
13552fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
13562fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
13572fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13582fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13592fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
13602fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
13612fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
13622fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13632fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13642fe8.c10: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
13652fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
13662fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'gdi32.dll'.
13672fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
13682fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
13692fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13702fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13712fe8.c10: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
13722fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
13732fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
13742fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13752fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13762fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13772fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13782fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13792fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13802fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13812fe8.c10: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
13822fe8.c10: '\Device\HarddiskVolume3\Windows\System32\win32u.dll' has no imports
13832fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll)
13842fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll
13852fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
13862fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
13872fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
13882fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'gdi32.dll'.
13892fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) WinVerifyTrust
13902fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
13912fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
13922fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13932fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13942fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13952fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13962fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13972fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
13982fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
13992fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
14002fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
14012fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
14022fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
14032fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5OpenGLVBox.dll) WinVerifyTrust
14042fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5OpenGLVBox.dll
14052fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
14062fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
14072fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14082fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
14092fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll
14102fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14112fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14122fe8.c10: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll'.
14132fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14142fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
14152fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
14162fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
14172fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
14182fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
14192fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
14202fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
14212fe8.c10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll)
14222fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll
14232fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14242fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14252fe8.c10: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll'.
14262fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
14272fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
14282fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
14292fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14302fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
14312fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
14322fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
14332fe8.c10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll)
14342fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll
14352fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
14362fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
14372fe8.c10: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
14382fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
14392fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14402fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
14412fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
14422fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
14432fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
14442fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
14452fe8.c10: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll)
14462fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll
14472fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14482fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
14492fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll
14502fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14512fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
14522fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
14532fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14542fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14552fe8.c10: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
14562fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14572fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #67 'user32.dll'.
14582fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #69 'gdi32.dll'.
14592fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
14602fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
14612fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14622fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14632fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14642fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14652fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14662fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll [lacks WinVerifyTrust]
14672fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14682fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14692fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14702fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14712fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14722fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14732fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14742fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
14752fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll
14762fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14772fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
14782fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
14792fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14802fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14812fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14822fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14832fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14842fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14852fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14862fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14872fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14882fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14892fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
14902fe8.c10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'.
14912fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14922fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
14932fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14942fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
14952fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
14962fe8.c10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
14972fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
14982fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14992fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
15002fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
15012fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15022fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
15032fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll
15042fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15052fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
15062fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
15072fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
15082fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
15092fe8.c10: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
15102fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll)
15112fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll
15122fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
15132fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
15142fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
15152fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15162fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15172fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
15182fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
15192fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
15202fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
15212fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15222fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
15232fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
15242fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15252fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15262fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
15272fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
15282fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
15292fe8.c10: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
15302fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15312fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
15322fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
15332fe8.c10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
15342fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
15352fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15362fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15372fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15382fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15392fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15402fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
15412fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15422fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15432fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
15442fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15452fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15462fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
15472fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15482fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15492fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15502fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15512fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15522fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
15532fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15542fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15552fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
15562fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15572fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
15582fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
15592fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15602fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15612fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
15622fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15632fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15642fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
15652fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
15662fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15672fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
15682fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
15692fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
15702fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
15712fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
15722fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll) WinVerifyTrust
15732fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15742fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15752fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll [redoing WinVerifyTrust]
15762fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15772fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
15782fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll
15792fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15802fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
15812fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
15822fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15832fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
15842fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
15852fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15862fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15872fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll [lacks WinVerifyTrust]
15882fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15892fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15902fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll [lacks WinVerifyTrust]
15912fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15922fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15932fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
15942fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15952fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15962fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15972fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
15982fe8.c10: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll'
15992fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16002fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16012fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll [redoing WinVerifyTrust]
16022fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
16032fe8.c10: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll'
16042fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16052fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
16062fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll
16072fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16082fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
16092fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
16102fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
16112fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
16122fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
16132fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\uicommon.dll' [rcNtRedir=0xc0150008]
16142fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
16152fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
16162fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
16172fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
16182fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
16192fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
16202fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
16212fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
16222fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
16232fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
16242fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
16252fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\UICommon.dll) WinVerifyTrust
16262fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\UICommon.dll
16272fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
16282fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
16292fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
16302fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000444 pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
16312fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
16322fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
16332fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3C84CAE716539BA897604EBDDBAB05F52E4868A0
16342fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16352fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16362fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16372fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
16382fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
16392fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16402fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16412fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
16422fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16432fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
16442fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
16452fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16462fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16472fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
16482fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
16492fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
16502fe8.c10: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
16512fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
16522fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5guivbox.dll' [rcNtRedir=0xc0150008]
16532fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll
16542fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16552fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16562fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll
16572fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16582fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
16592fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
16602fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
16612fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
16622fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
16632fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-onecoreuap~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
16642fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16652fe8.c10: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
16662fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
16672fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.dll
16682fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
16692fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\UICommon.dll
16702fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll
16712fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll
16722fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
16732fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5OpenGLVBox.dll
16742fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
16752fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
16762fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
16772fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
16782fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe209e0000 LB 0x0001e000 C:\Windows\System32\win32u.dll [fFlags=0x0]
16792fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
16802fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe207e0000 LB 0x0009a000 C:\Windows\System32\msvcp_win.dll [fFlags=0x0]
16812fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
16822fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1fa30000 LB 0x00188000 C:\Windows\System32\gdi32full.dll [fFlags=0x0]
16832fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
16842fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'gdi32.dll'.
16852fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'user32.dll'.
16862fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'win32u.dll'.
16872fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll)
16882fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll
16892fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe23340000 LB 0x00027000 C:\Windows\System32\GDI32.dll [fFlags=0x0]
16902fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
16912fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe20ac0000 LB 0x0014a000 C:\Windows\System32\USER32.dll [fFlags=0x0]
16922fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [avoiding WinVerifyTrust]
16932fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe08250000 LB 0x0002c000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
16942fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
16952fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe06b80000 LB 0x00121000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
16962fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
16972fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe20990000 LB 0x00049000 C:\Windows\System32\cfgmgr32.dll [fFlags=0x0]
16982fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
16992fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
17002fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe21530000 LB 0x002f9000 C:\Windows\System32\combase.dll [fFlags=0x0]
17012fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
17022fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe23150000 LB 0x000aa000 C:\Windows\System32\shcore.dll [fFlags=0x0]
17032fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17042fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'rpcrt4.dll'.
17052fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'combase.dll'.
17062fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
17072fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
17082fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe20a00000 LB 0x00051000 C:\Windows\System32\shlwapi.dll [fFlags=0x0]
17092fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
17102fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'gdi32.dll'.
17112fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'user32.dll'.
17122fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
17132fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
17142fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f950000 LB 0x00011000 C:\Windows\System32\kernel.appcore.dll [fFlags=0x0]
17152fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
17162fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
17172fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
17182fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
17192fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f970000 LB 0x0004c000 C:\Windows\System32\powrprof.dll [fFlags=0x0]
17202fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
17212fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
17222fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
17232fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe200e0000 LB 0x006f2000 C:\Windows\System32\windows.storage.dll [fFlags=0x0]
17242fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17252fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
17262fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'combase.dll'.
17272fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #63 'profapi.dll'.
17282fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
17292fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
17302fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe21830000 LB 0x01437000 C:\Windows\System32\SHELL32.dll [fFlags=0x0]
17312fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
17322fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe20c10000 LB 0x00145000 C:\Windows\System32\ole32.dll [fFlags=0x0]
17332fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
17342fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe12bf0000 LB 0x0001b000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0]
17352fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
17362fe8.c10: supR3HardenedDllNotificationCallback: load 00000000546d0000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll [fFlags=0x0]
17372fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll
17382fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffdf57f0000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll [fFlags=0x0]
17392fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll
17402fe8.c10: supR3HardenedDllNotificationCallback: load 0000000054160000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll [fFlags=0x0]
17412fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
17422fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe23260000 LB 0x000c0000 C:\Windows\System32\OLEAUT32.dll [fFlags=0x0]
17432fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
17442fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffdddc80000 LB 0x02614000 C:\Program Files\Oracle\VirtualBox6\UICommon.dll [fFlags=0x0]
17452fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\UICommon.dll
17462fe8.c10: supR3HardenedDllNotificationCallback: load 0000000054060000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox6\Qt5OpenGLVBox.dll [fFlags=0x0]
17472fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5OpenGLVBox.dll
17482fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1dbc0000 LB 0x0002b000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
17492fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
17502fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1dbf0000 LB 0x00023000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
17512fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
17522fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffdfb210000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox6\VirtualBoxVM.dll [fFlags=0x0]
17532fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VirtualBoxVM.dll
17542fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
17552fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
17562fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
17572fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
17582fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
17592fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
17602fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
17612fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
17622fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
17632fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
17642fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
17652fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
17662fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
17672fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
17682fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
17692fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
17702fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
17712fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
17722fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
17732fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
17742fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
17752fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
17762fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
17772fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
17782fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
17792fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
17802fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
17812fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
17822fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
17832fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
17842fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
17852fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
17862fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
17872fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
17882fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
17892fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
17902fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
17912fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
17922fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
17932fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
17942fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
17952fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17962fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17972fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17982fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17992fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18002fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18012fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18022fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18032fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18042fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18052fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18062fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18072fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
18082fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
18092fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
18102fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18112fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18122fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
18132fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
18142fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
18152fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18162fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18172fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
18182fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
18192fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
18202fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
18212fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
18222fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18232fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18242fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
18252fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18262fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18272fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
18282fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
18292fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
18302fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
18312fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
18322fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18332fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18342fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
18352fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
18362fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
18372fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18382fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18392fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
18402fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
18412fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
18422fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
18432fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
18442fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
18452fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
18462fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22e70000 'C:\Windows\System32\kernel32.dll'
18472fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
18482fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
18492fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
18502fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
18512fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
18522fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
18532fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
18542fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
18552fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
18562fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
18572fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
18582fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
18592fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
18602fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
18612fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
18622fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
18632fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
18642fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
18652fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
18662fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
18672fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
18682fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
18692fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
18702fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
18712fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
18722fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
18732fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
18742fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
18752fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
18762fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
18772fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
18782fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
18792fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
18802fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
18812fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
18822fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
18832fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
18842fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
18852fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
18862fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
18872fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
18882fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
18892fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
18902fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
18912fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
18922fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
18932fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
18942fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
18952fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
18962fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
18972fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
18982fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
18992fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
19002fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
19012fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
19022fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
19032fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
19042fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
19052fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
19062fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
19072fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
19082fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
19092fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
19102fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
19112fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
19122fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
19132fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-string-l1-1-0'
19142fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
19152fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
19162fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
19172fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
19182fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
19192fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
19202fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
19212fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
19222fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
19232fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
19242fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
19252fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
19262fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
19272fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
19282fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
19292fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
19302fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
19312fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
19322fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
19332fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
19342fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
19352fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
19362fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
19372fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
19382fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
19392fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
19402fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
19412fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
19422fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
19432fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
19442fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
19452fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
19462fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
19472fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
19482fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
19492fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
19502fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
19512fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
19522fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
19532fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
19542fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
19552fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
19562fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
19572fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
19582fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
19592fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
19602fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
19612fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
19622fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
19632fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
19642fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
19652fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
19662fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
19672fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
19682fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
19692fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
19702fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
19712fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
19722fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
19732fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
19742fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
19752fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
19762fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
19772fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
19782fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
19792fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
19802fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-datetime-l1-1-1'
19812fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
19822fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
19832fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
19842fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
19852fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
19862fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
19872fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
19882fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
19892fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
19902fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
19912fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
19922fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
19932fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
19942fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
19952fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
19962fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
19972fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
19982fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
19992fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
20002fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
20012fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
20022fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
20032fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
20042fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
20052fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
20062fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
20072fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
20082fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
20092fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
20102fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
20112fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
20122fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
20132fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
20142fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
20152fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
20162fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
20172fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
20182fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
20192fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
20202fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
20212fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
20222fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
20232fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
20242fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
20252fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
20262fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
20272fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
20282fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
20292fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
20302fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
20312fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
20322fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
20332fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
20342fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
20352fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
20362fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
20372fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
20382fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
20392fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
20402fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
20412fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
20422fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
20432fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
20442fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
20452fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
20462fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
20472fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-obsolete-l1-2-0'
20482fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
20492fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
20502fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
20512fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
20522fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
20532fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
20542fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
20552fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
20562fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
20572fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
20582fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
20592fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
20602fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
20612fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
20622fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
20632fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
20642fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
20652fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
20662fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
20672fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
20682fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
20692fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
20702fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
20712fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
20722fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
20732fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
20742fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
20752fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
20762fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
20772fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
20782fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
20792fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
20802fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
20812fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
20822fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
20832fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
20842fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
20852fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
20862fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
20872fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
20882fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
20892fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
20902fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
20912fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
20922fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
20932fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
20942fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
20952fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
20962fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
20972fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
20982fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
20992fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
21002fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
21012fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
21022fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21032fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
21042fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21052fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
21062fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21072fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
21082fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
21092fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
21102fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
21112fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
21122fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
21132fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
21142fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'win32u.dll'.
21152fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
21162fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
21172fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
21182fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
21192fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
21202fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21212fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
21222fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21232fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21242fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
21252fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21262fe8.c10: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
21272fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
21282fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe22cd0000 LB 0x0002d000 C:\Windows\System32\IMM32.DLL [fFlags=0x0]
21292fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
21302fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22cd0000 'C:\Windows\system32\IMM32.DLL'
21312fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
21322fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
21332fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
21342fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
21352fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
21362fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
21372fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
21382fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
21392fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
21402fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
21412fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
21422fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
21432fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
21442fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
21452fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
21462fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
21472fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
21482fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
21492fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
21502fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
21512fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
21522fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
21532fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
21542fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
21552fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21562fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
21572fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21582fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
21592fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21602fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
21612fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
21622fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
21632fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
21642fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
21652fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
21662fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
21672fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
21682fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
21692fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
21702fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
21712fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
21722fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
21732fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
21742fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
21752fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
21762fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
21772fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
21782fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
21792fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
21802fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
21812fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
21822fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
21832fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
21842fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
21852fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
21862fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
21872fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
21882fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
21892fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21902fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
21912fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21922fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
21932fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21942fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
21952fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
21962fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
21972fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
21982fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
21992fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
22002fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22012fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe213f0000 'C:\Windows\System32\ADVAPI32.DLL'
22022fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
22032fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
22042fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
22052fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
22062fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
22072fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
22082fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
22092fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
22102fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
22112fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
22122fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
22132fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
22142fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
22152fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
22162fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
22172fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
22182fe8.c10: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
22192fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
22202fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
22212fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
22222fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
22232fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
22242fe8.c10: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'.
22252fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll' [rescheduled]
22262fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
22272fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
22282fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
22292fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
22302fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
22312fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
22322fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
22332fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
22342fe8.c10: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
22352fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
22362fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdfb210000 'C:\Program Files\Oracle\VirtualBox6\VirtualBoxVM.dll'
22372fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22382fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22392fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
22402fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22412fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22422fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'
22432fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22442fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22452fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'
22462fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22472fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22482fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'
22492fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22502fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22512fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
22522fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22532fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22542fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'
22552fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22562fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22572fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
22582fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22592fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22602fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'
22612fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000042c pwszName=\Device\HarddiskVolume3\Windows\System32\glu32.dll
22622fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
22632fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
22642fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A7A2A8476FB89CD693E7D6EDC0D3146B31869386
22652fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22662fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22672fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-onecoreuap~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\glu32.dll'
22682fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22692fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll'
22702fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22712fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22722fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll'
22732fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22742fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22752fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
22762fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22772fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5WidgetsVBox.dll'
22782fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22792fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22802fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll'
22812fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22822fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22832fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
22842fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22852fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22862fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
22872fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
22882fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22892fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22902fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22912fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll'
22922fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22932fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
22942fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'
22952fe8.c10: SUPR3HardenedMain: Calling TrustedMain (00007ffdfb2116c0)...
22962fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
22972fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
22982fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
22992fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
23002fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
23012fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
23022fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
23032fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
23042fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
23052fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
23062fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
23072fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
23082fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\platforms\qwindows.dll) WinVerifyTrust
23092fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\platforms\qwindows.dll
23102fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23112fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
23122fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
23132fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5corevbox.dll' [rcNtRedir=0xc0150008]
23142fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5CoreVBox.dll
23152fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
23162fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\qt5guivbox.dll' [rcNtRedir=0xc0150008]
23172fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\Qt5GuiVBox.dll
23182fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23192fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23202fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
23212fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
23222fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
23232fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
23242fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23252fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23262fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
23272fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
23282fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
23292fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
23302fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
23312fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
23322fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
23332fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23342fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23352fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23362fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23372fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
23382fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23392fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
23402fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23412fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\platforms\qwindows.dll
23422fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffdfa2b0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox6\platforms\qwindows.dll [fFlags=0x0]
23432fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\platforms\qwindows.dll
23442fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdfa2b0000 'C:\Program Files\Oracle\VirtualBox6\platforms\qwindows.dll'
23452fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000061c pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23462fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
23472fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
23482fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B531FF2B0DDEF1474B5898F2B0278778FD6901AD
23492fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
23502fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
23512fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
23522fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23532fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23542fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'gdi32.dll'.
23552fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'user32.dll'.
23562fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) WinVerifyTrust
23572fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23582fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23592fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23602fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23612fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
23622fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23632fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23642fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
23652fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23662fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1dfd0000 LB 0x00095000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
23672fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23682fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1dfd0000 'C:\Windows\system32\uxtheme.dll'
23692fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20ac0000 'C:\Windows\system32\user32.dll'
23702fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
23712fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23722fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe21830000 'C:\Windows\system32\shell32.dll'
23732fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
23742fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23752fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23150000 'C:\Windows\system32\SHCore.dll'
23762fe8.c10: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
23772fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
23782fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23792fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'win32u.dll'.
23802fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'user32.dll'.
23812fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'gdi32.dll'.
23822fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dwmapi.dll)
23832fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
23842fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1d980000 LB 0x0002a000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
23852fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
23862fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23872fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
23882fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23892fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23902fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
23912fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
23922fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
23932fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
23942fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23952fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23962fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
23972fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
23982fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll'
23992fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
24002fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24012fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1dbf0000 'C:\Windows\system32\winmm.dll'
24022fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
24032fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24042fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1dbf0000 'C:\Windows\system32\winmm.dll'
24052fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
24062fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24072fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe21830000 'C:\Windows\system32\shell32.dll'
24082fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
24092fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24102fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1dfd0000 'C:\Windows\system32\uxtheme.dll'
24112fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
24122fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24132fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe213f0000 'C:\Windows\system32\advapi32.dll'
24142fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
24152fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
24162fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
24172fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'profapi.dll'.
24182fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) WinVerifyTrust
24192fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
24202fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
24212fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
24222fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
24232fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24242fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24252fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24262fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
24272fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1f810000 LB 0x00029000 C:\Windows\system32\userenv.dll [fFlags=0x0]
24282fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
24292fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f810000 'C:\Windows\system32\userenv.dll'
24302fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
24312fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24322fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22e70000 'C:\Windows\System32\kernel32.dll'
24332fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe20f00000 LB 0x0009e000 C:\Windows\System32\clbcatq.dll [fFlags=0x0]
24342fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24352fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
24362fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
24372fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
24382fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24392fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24402fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24412fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24422fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
24432fe8.d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
24442fe8.d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
24452fe8.d0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
24462fe8.d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
24472fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24482fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
24492fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24502fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
24512fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
24522fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
24532fe8.d0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxC.dll) WinVerifyTrust
24542fe8.d0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxC.dll
24552fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24562fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24572fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
24582fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24592fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24602fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
24612fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24622fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24632fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
24642fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24652fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
24662fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
24672fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
24682fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll
24692fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24702fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
24712fe8.d0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
24722fe8.d0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxC.dll
24732fe8.d0: supR3HardenedDllNotificationCallback: load 00007ffdf5440000 LB 0x003b0000 C:\Program Files\Oracle\VirtualBox6\VBoxC.dll [fFlags=0x0]
24742fe8.d0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxC.dll
24752fe8.d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5440000 'C:\Program Files\Oracle\VirtualBox6\VBoxC.dll'
24762fe8.d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
24772fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24782fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
24792fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
24802fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
24812fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
24822fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
24832fe8.d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
24842fe8.d0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxProxyStub.dll) WinVerifyTrust
24852fe8.d0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxProxyStub.dll
24862fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24872fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24882fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24892fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24902fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
24912fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24922fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24932fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
24942fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
24952fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
24962fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
24972fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24982fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24992fe8.d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
25002fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25012fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
25022fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25032fe8.d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
25042fe8.d0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25052fe8.d0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxProxyStub.dll
25062fe8.d0: supR3HardenedDllNotificationCallback: load 00007ffdfa770000 LB 0x000ed000 C:\Program Files\Oracle\VirtualBox6\VBoxProxyStub.dll [fFlags=0x0]
25072fe8.d0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxProxyStub.dll
25082fe8.d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdfa770000 'C:\Program Files\Oracle\VirtualBox6\VBoxProxyStub.dll'
25092fe8.d0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
25102fe8.d0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25112fe8.d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23260000 'C:\Windows\System32\oleaut32.dll'
25122fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23340000 'C:\Windows\system32\gdi32.dll'
25132fe8.3664: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
25142fe8.3664: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
25152fe8.3664: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
25162fe8.3664: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25172fe8.3664: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25182fe8.3664: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
25192fe8.3664: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25202fe8.3664: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25212fe8.3664: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
25222fe8.3664: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25232fe8.3664: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
25242fe8.3664: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25252fe8.3664: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25262fe8.3664: supR3HardenedDllNotificationCallback: load 00007ffe14480000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [fFlags=0x0]
25272fe8.3664: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25282fe8.3664: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe14480000 'C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
25292fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
25302fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25312fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe21830000 'C:\Windows\system32\shell32.dll'
25322fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
25332fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
25342fe8.c10: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
25352fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll) WinVerifyTrust
25362fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
25372fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
25382fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe234a0000 'C:\Windows\System32\ntdll.dll'
25392fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe22d00000 LB 0x00166000 C:\Windows\System32\MSCTF.dll [fFlags=0x0]
25402fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25412fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'oleaut32.dll'.
25422fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
25432fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'gdi32.dll'.
25442fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'imm32.dll'.
25452fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
25462fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
25472fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
25482fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
25492fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
25502fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
25512fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
25522fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25532fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
25542fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25552fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25562fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
25572fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25582fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25592fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
25602fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
25612fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
25622fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000964 pwszName=\Device\HarddiskVolume3\Windows\System32\DataExchange.dll
25632fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
25642fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
25652fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=61683FE342024A9B1FED0572E599EB6BBE8FAFAD
25662fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
25672fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
25682fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-onecoreuap~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\DataExchange.dll'
25692fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25702fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25712fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
25722fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'combase.dll'.
25732fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'd3d11.dll'.
25742fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dcomp.dll'.
25752fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll) WinVerifyTrust
25762fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
25772fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
25782fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume3\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
25792fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
25802fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
25812fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25822fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
25832fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
25842fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
25852fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dcomp.dll) WinVerifyTrust
25862fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dcomp.dll
25872fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
25882fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
25892fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25902fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25912fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
25922fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
25932fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
25942fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
25952fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
25962fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25972fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dxgi.dll'.
25982fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'win32u.dll'.
25992fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d11.dll) WinVerifyTrust
26002fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d11.dll
26012fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
26022fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
26032fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
26042fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
26052fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
26062fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
26072fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26082fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26092fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
26102fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
26112fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
26122fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
26132fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
26142fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
26152fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
26162fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26172fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
26182fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dxgi.dll) WinVerifyTrust
26192fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dxgi.dll
26202fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26212fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26222fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
26232fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
26242fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
26252fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26262fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26272fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
26282fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
26292fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll
26302fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll
26312fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll
26322fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1e840000 LB 0x000a4000 C:\Windows\system32\dxgi.dll [fFlags=0x0]
26332fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll
26342fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1bd50000 LB 0x002df000 C:\Windows\system32\d3d11.dll [fFlags=0x0]
26352fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll
26362fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1c750000 LB 0x00122000 C:\Windows\system32\dcomp.dll [fFlags=0x0]
26372fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll
26382fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe050c0000 LB 0x00047000 C:\Windows\system32\dataexchange.dll [fFlags=0x0]
26392fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
26402fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe050c0000 'C:\Windows\system32\dataexchange.dll'
26412fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26422fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
26432fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'bcrypt.dll'.
26442fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'combase.dll'.
26452fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
26462fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
26472fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1e2c0000 LB 0x00170000 C:\Windows\system32\twinapi.appcore.dll [fFlags=0x0]
26482fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
26492fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
26502fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
26512fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
26522fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
26532fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
26542fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
26552fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26562fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26572fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26582fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26592fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
26602fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
26612fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll'
26622fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
26632fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26642fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23150000 'C:\Windows\system32\Shcore.dll'
26652fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26662fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'coreuicomponents.dll'.
26672fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'coremessaging.dll'.
26682fe8.c10: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll)
26692fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
26702fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26712fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'coremessaging.dll'.
26722fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'shcore.dll'.
26732fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
26742fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll
26752fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26762fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
26772fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll)
26782fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
26792fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntmarta.dll)
26802fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntmarta.dll
26812fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
26822fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
26832fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'bcryptprimitives.dll'.
26842fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
26852fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
26862fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26872fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
26882fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\usermgrcli.dll)
26892fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\usermgrcli.dll
26902fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1ec80000 LB 0x00031000 C:\Windows\SYSTEM32\ntmarta.dll [fFlags=0x0]
26912fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
26922fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1c610000 LB 0x000e3000 C:\Windows\System32\CoreMessaging.dll [fFlags=0x0]
26932fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
26942fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1a6e0000 LB 0x00139000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
26952fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
26962fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1b3e0000 LB 0x00015000 C:\Windows\SYSTEM32\usermgrcli.dll [fFlags=0x0]
26972fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\usermgrcli.dll [avoiding WinVerifyTrust]
26982fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe19e60000 LB 0x002d2000 C:\Windows\System32\CoreUIComponents.dll [fFlags=0x0]
26992fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
27002fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe0a3c0000 LB 0x00082000 C:\Windows\System32\TextInputFramework.dll [fFlags=0x0]
27012fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
27022fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27032fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27042fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27052fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27062fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
27072fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
27082fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
27092fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27102fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27112fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
27122fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
27132fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
27142fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27152fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27162fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27172fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27182fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
27192fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
27202fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
27212fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
27222fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
27232fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
27242fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27252fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27262fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
27272fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
27282fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
27292fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
27302fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume3\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
27312fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
27322fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27332fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27342fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
27352fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
27362fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\usermgrcli.dll'
27372fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
27382fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
27392fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'
27402fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
27412fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
27422fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ntmarta.dll'
27432fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
27442fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
27452fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll'
27462fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
27472fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
27482fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll'
27492fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000998 pwszName=\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
27502fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
27512fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
27522fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5D9F6A1B151CF57E6DCA07996124AC68D7674C81
27532fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
27542fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
27552fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-InputService-Package~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll'
27562fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27572fe8.c10: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll'
27582fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
27592fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\OLEAUT32.DLL (Input=OLEAUT32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27602fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23260000 'C:\Windows\System32\OLEAUT32.DLL'
27612fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
27622fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27632fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20ac0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
27642fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
27652fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27662fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20ac0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
27672fe8.c10: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\System32\secruntime.dll': 0 (NtPath=\??\C:\Windows\System32\secruntime.dll; Input=secruntime.dll; rcNtGetDll=0xc0000135
27682fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\System32\secruntime.dll'
27692fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-1.dll) -> 0x0, fPresent=1
27702fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-1.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27712fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe21530000 'api-ms-win-core-com-l1-1-1.dll'
27722fe8.c10: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\System32\secruntime.dll': 0 (NtPath=\??\C:\Windows\System32\secruntime.dll; Input=secruntime.dll; rcNtGetDll=0xc0000135
27732fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\System32\secruntime.dll'
27742fe8.c10: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\System32\secruntime.dll': 0 (NtPath=\??\C:\Windows\System32\secruntime.dll; Input=secruntime.dll; rcNtGetDll=0xc0000135
27752fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\System32\secruntime.dll'
27762fe8.c10: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\System32\secruntime.dll': 0 (NtPath=\??\C:\Windows\System32\secruntime.dll; Input=secruntime.dll; rcNtGetDll=0xc0000135
27772fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\System32\secruntime.dll'
27782fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
27792fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
27802fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22d00000 'C:\Windows\System32\MSCTF.dll'
27812fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
27822fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27832fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20c10000 'C:\Windows\System32\ole32.dll'
27842fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23260000 'C:\Windows\System32\OLEAUT32.dll'
27852fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a44 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
27862fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
27872fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
27882fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C153C1EEAC2C5A257F8D6DAC54A4EBBA9125F07E
27892fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
27902fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
27912fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-onecore~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
27922fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27932fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27942fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
27952fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
27962fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
27972fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
27982fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
27992fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
28002fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a54 pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
28012fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
28022fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
28032fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5C2FDDA9E0EDB4F1E87D406924BA16734871BCEF
28042fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
28052fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
28062fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-onecore~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
28072fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28082fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28092fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'bcrypt.dll'.
28102fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'ws2_32.dll'.
28112fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll) WinVerifyTrust
28122fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
28132fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
28142fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
28152fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
28162fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28172fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28182fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
28192fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
28202fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
28212fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
28222fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
28232fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
28242fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28252fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28262fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
28272fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
28282fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
28292fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe196a0000 LB 0x00082000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
28302fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
28312fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe1a250000 LB 0x00010000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
28322fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
28332fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
28342fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
28352fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
28362fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1a250000 'C:\Windows\system32\wbem\wbemprox.dll'
28372fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ab0 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
28382fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
28392fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
28402fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=559C24F928E5CCE94C1894759931445FEFCE69FF
28412fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
28422fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
28432fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-onecore~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
28442fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28452fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28462fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
28472fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
28482fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
28492fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
28502fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
28512fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28522fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28532fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
28542fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
28552fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe18b00000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
28562fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
28572fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18b00000 'C:\Windows\system32\wbem\wbemsvc.dll'
28582fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
28592fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
28602fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-l1-2-0.dll'
28612fe8.c10: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
28622fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
28632fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
28642fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a88 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
28652fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
28662fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
28672fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FF6EDA0EE7AAFEFF666CD9B9BCCFAF342DB5470
28682fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
28692fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
28702fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-onecore~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
28712fe8.c10: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28722fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28732fe8.c10: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
28742fe8.c10: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
28752fe8.c10: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
28762fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
28772fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
28782fe8.c10: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
28792fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28802fe8.c10: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28812fe8.c10: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
28822fe8.c10: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
28832fe8.c10: supR3HardenedDllNotificationCallback: load 00007ffe18a10000 LB 0x000f0000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
28842fe8.c10: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
28852fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18a10000 'C:\Windows\system32\wbem\fastprox.dll'
28862fe8.c10: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe213f0000 'C:\Windows\System32\ADVAPI32.dll'
28872fe8.119c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
28882fe8.119c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28892fe8.119c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28902fe8.119c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll) WinVerifyTrust
28912fe8.119c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll
28922fe8.119c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28932fe8.119c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
28942fe8.119c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28952fe8.119c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
28962fe8.119c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28972fe8.119c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll
28982fe8.119c: supR3HardenedDllNotificationCallback: load 00007ffdf94d0000 LB 0x0037d000 C:\Program Files\Oracle\VirtualBox6\VBoxVMM.DLL [fFlags=0x0]
28992fe8.119c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll
29002fe8.119c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf94d0000 'C:\Program Files\Oracle\VirtualBox6\VBoxVMM.DLL'
29012fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
29022fe8.393c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
29032fe8.393c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29042fe8.393c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
29052fe8.393c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
29062fe8.393c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
29072fe8.393c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
29082fe8.393c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSharedClipboard.dll) WinVerifyTrust
29092fe8.393c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSharedClipboard.dll
29102fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29112fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29122fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29132fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
29142fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
29152fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxvmm.dll' [rcNtRedir=0xc0150008]
29162fe8.393c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll
29172fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
29182fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
29192fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29202fe8.393c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
29212fe8.393c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29222fe8.393c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSharedClipboard.dll
29232fe8.393c: supR3HardenedDllNotificationCallback: load 00007ffe13930000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox6\VBoxSharedClipboard.DLL [fFlags=0x0]
29242fe8.393c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSharedClipboard.dll
29252fe8.393c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13930000 'C:\Program Files\Oracle\VirtualBox6\VBoxSharedClipboard.DLL'
29262fe8.520: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
29272fe8.520: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29282fe8.520: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
29292fe8.520: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29302fe8.520: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDragAndDropSvc.dll) WinVerifyTrust
29312fe8.520: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDragAndDropSvc.dll
29322fe8.520: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29332fe8.520: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
29342fe8.520: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
29352fe8.520: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
29362fe8.520: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29372fe8.520: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
29382fe8.520: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll
29392fe8.520: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29402fe8.520: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDragAndDropSvc.dll
29412fe8.520: supR3HardenedDllNotificationCallback: load 00007ffe138a0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox6\VBoxDragAndDropSvc.DLL [fFlags=0x0]
29422fe8.520: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDragAndDropSvc.dll
29432fe8.520: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe138a0000 'C:\Program Files\Oracle\VirtualBox6\VBoxDragAndDropSvc.DLL'
29442fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
29452fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29462fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe21830000 'C:\Windows\system32\Shell32.dll'
29472fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll
29482fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29492fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf94d0000 'C:\Program Files\Oracle\VirtualBox6\VBoxVMM.DLL'
29502fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
29512fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29522fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29532fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
29542fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
29552fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
29562fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
29572fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29582fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
29592fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
29602fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29612fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
29622fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29632fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29642fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29652fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
29662fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29672fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
29682fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29692fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29702fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe05a20000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
29712fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29722fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe05a20000 'C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
29732fe8.1be8: supR3HardenedDllNotificationCallback: Unload 00007ffe05a20000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
29742fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
29752fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
29762fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29772fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
29782fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29792fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
29802fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
29812fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
29822fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
29832fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
29842fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
29852fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
29862fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD.dll) WinVerifyTrust
29872fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD.dll
29882fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
29892fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
29902fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
29912fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
29922fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
29932fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
29942fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29952fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
29962fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
29972fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
29982fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
29992fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
30002fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
30012fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
30022fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
30032fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30042fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
30052fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'cfgmgr32.dll'.
30062fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll) WinVerifyTrust
30072fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
30082fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30092fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30102fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
30112fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxdd2.dll' [rcNtRedir=0xc0150008]
30122fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
30132fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
30142fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
30152fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30162fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30172fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30182fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30192fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
30202fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30212fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30222fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD2.dll) WinVerifyTrust
30232fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD2.dll
30242fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
30252fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxddu.dll' [rcNtRedir=0xc0150008]
30262fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30272fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
30282fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30292fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
30302fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
30312fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30322fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30332fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
30342fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
30352fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
30362fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDDU.dll) WinVerifyTrust
30372fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDDU.dll
30382fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30392fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
30402fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
30412fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxvmm.dll' [rcNtRedir=0xc0150008]
30422fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll
30432fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30442fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
30452fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
30462fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
30472fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
30482fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
30492fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
30502fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30512fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30522fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30532fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
30542fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30552fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
30562fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30572fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD.dll
30582fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDDU.dll
30592fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD2.dll
30602fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
30612fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe20fb0000 LB 0x0043b000 C:\Windows\System32\SETUPAPI.dll [fFlags=0x0]
30622fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
30632fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffdfa6b0000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox6\VBoxDDU.dll [fFlags=0x0]
30642fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDDU.dll
30652fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffde1a50000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox6\VBoxDD2.dll [fFlags=0x0]
30662fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD2.dll
30672fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe1efc0000 LB 0x00037000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
30682fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
30692fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffddd290000 LB 0x009e4000 C:\Program Files\Oracle\VirtualBox6\VBoxDD.DLL [fFlags=0x0]
30702fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD.dll
30712fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddd290000 'C:\Program Files\Oracle\VirtualBox6\VBoxDD.DLL'
30722fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
30732fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30742fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30752fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30762fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe05a20000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
30772fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
30782fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe05a20000 'C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
30792fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
30802fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxC.dll
30812fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30822fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdf5440000 'C:\Program Files\Oracle\VirtualBox6\VBoxC.DLL'
30832fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
30842fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxDD2.dll
30852fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30862fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffde1a50000 'C:\Program Files\Oracle\VirtualBox6\VBoxDD2.DLL'
30872fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
30882fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
30892fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30902fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30912fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
30922fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
30932fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30942fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
30952fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30962fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
30972fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30982fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
30992fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe13880000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
31002fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
31012fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13880000 'C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
31022fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31032fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31042fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31052fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31062fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
31072fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
31082fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31092fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
31102fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31112fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
31122fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31132fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
31142fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe0b110000 LB 0x00012000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
31152fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
31162fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe0b110000 'C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
31172fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31182fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31192fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31202fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31212fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
31222fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31232fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31242fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
31252fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31262fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
31272fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31282fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31292fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe08b10000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
31302fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31312fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe08b10000 'C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
31322fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31332fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31342fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31352fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31362fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
31372fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31382fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31392fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
31402fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31412fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
31422fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31432fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31442fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe05b20000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
31452fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31462fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe05b20000 'C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
31472fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31482fe8.928: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31492fe8.928: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31502fe8.928: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
31512fe8.928: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
31522fe8.928: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSharedFolders.dll) WinVerifyTrust
31532fe8.928: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSharedFolders.dll
31542fe8.928: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31552fe8.928: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
31562fe8.928: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
31572fe8.928: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxvmm.dll' [rcNtRedir=0xc0150008]
31582fe8.928: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll
31592fe8.928: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31602fe8.928: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
31612fe8.928: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31622fe8.928: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSharedFolders.dll
31632fe8.928: supR3HardenedDllNotificationCallback: load 00007ffe05b00000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox6\VBoxSharedFolders.DLL [fFlags=0x0]
31642fe8.928: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxSharedFolders.dll
31652fe8.928: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe05b00000 'C:\Program Files\Oracle\VirtualBox6\VBoxSharedFolders.DLL'
31662fe8.21d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31672fe8.21d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31682fe8.21d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
31692fe8.21d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
31702fe8.21d0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
31712fe8.21d0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxGuestControlSvc.dll) WinVerifyTrust
31722fe8.21d0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxGuestControlSvc.dll
31732fe8.21d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31742fe8.21d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
31752fe8.21d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
31762fe8.21d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxvmm.dll' [rcNtRedir=0xc0150008]
31772fe8.21d0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxVMM.dll
31782fe8.21d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
31792fe8.21d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
31802fe8.21d0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31812fe8.21d0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
31822fe8.21d0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31832fe8.21d0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxGuestControlSvc.dll
31842fe8.21d0: supR3HardenedDllNotificationCallback: load 00007ffe13860000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox6\VBoxGuestControlSvc.DLL [fFlags=0x0]
31852fe8.21d0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxGuestControlSvc.dll
31862fe8.21d0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13860000 'C:\Program Files\Oracle\VirtualBox6\VBoxGuestControlSvc.DLL'
31872fe8.680: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
31882fe8.680: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31892fe8.680: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
31902fe8.680: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
31912fe8.680: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxGuestPropSvc.dll) WinVerifyTrust
31922fe8.680: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxGuestPropSvc.dll
31932fe8.680: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31942fe8.680: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
31952fe8.680: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
31962fe8.680: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcp100.dll' [rcNtRedir=0xc0150008]
31972fe8.680: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31982fe8.680: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
31992fe8.680: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32002fe8.680: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxGuestPropSvc.dll
32012fe8.680: supR3HardenedDllNotificationCallback: load 00007ffe13520000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox6\VBoxGuestPropSvc.DLL [fFlags=0x0]
32022fe8.680: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\VBoxGuestPropSvc.dll
32032fe8.680: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe13520000 'C:\Program Files\Oracle\VirtualBox6\VBoxGuestPropSvc.DLL'
32042fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
32052fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
32062fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32072fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
32082fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
32092fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
32102fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32112fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\vboxrt.dll' [rcNtRedir=0xc0150008]
32122fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32132fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\msvcr100.dll' [rcNtRedir=0xc0150008]
32142fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32152fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
32162fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe19be0000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
32172fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
32182fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe19be0000 'C:\Program Files\Oracle\VirtualBox6\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
32192fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
32202fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32212fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1efc0000 'C:\Windows\system32\Iphlpapi.dll'
32222fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
32232fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
32242fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll)
32252fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll
32262fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe23320000 LB 0x00008000 C:\Windows\System32\NSI.dll [fFlags=0x0]
32272fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
32282fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
32292fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe1b380000 LB 0x0000b000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
32302fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
32312fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
32322fe8.1be8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll)
32332fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
32342fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe1ace0000 LB 0x00016000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
32352fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
32362fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
32372fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
32382fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
32392fe8.1be8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll)
32402fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
32412fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe1aca0000 LB 0x0001a000 C:\Windows\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
32422fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
32432fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e7c pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
32442fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
32452fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
32462fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DD77C0B8420B1E0725E0BAACB8F1F2821C7C9053
32472fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
32482fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
32492fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
32502fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
32512fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
32522fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
32532fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
32542fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
32552fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
32562fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
32572fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
32582fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
32592fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
32602fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
32612fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
32622fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
32632fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
32642fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-minio-Package~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
32652fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32662fe8.1be8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
32672fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e74 pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
32682fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
32692fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
32702fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0462C999B5398941A444B13399F1AFCF2D9BD7ED
32712fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
32722fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
32732fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-CoreSystem-minio-Package~31bf3856ad364e35~amd64~~10.0.15063.0.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
32742fe8.1be8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
32752fe8.1be8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
32762fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
32772fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
32782fe8.1be8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
32792fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
32802fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
32812fe8.1be8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winnsi.dll'
32822fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
32832fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
32842fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32852fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
32862fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
32872fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
32882fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dwmapi.dll'.
32892fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d9.dll) WinVerifyTrust
32902fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d9.dll
32912fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
32922fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
32932fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dwmapi.dll
32942fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
32952fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
32962fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll
32972fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
32982fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
32992fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33002fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33012fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
33022fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
33032fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
33042fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33052fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d9.dll
33062fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe07f50000 LB 0x00189000 C:\Windows\system32\d3d9.dll [fFlags=0x0]
33072fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d9.dll
33082fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe07f50000 'C:\Windows\system32\d3d9.dll'
33092fe8.1be8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll: Owner is administrators group.
33102fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
33112fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
33122fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'version.dll'.
33132fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'.
33142fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll) WinVerifyTrust
33152fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
33162fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33172fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33182fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
33192fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
33202fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
33212fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
33222fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
33232fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll) WinVerifyTrust
33242fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
33252fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
33262fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
33272fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33282fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
33292fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
33302fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe1cf30000 LB 0x0000a000 C:\Windows\SYSTEM32\VERSION.dll [fFlags=0x0]
33312fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
33322fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffe18fa0000 LB 0x000ef000 C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll [fFlags=0x0]
33332fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
33342fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
33352fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33362fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
33372fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
33382fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33392fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
33402fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
33412fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33422fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
33432fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
33442fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33452fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
33462fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
33472fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33482fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-l1-2-1'
33492fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
33502fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
33512fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\wintrust.dll'
33522fe8.1be8: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvd3dumx.dll: Owner is administrators group.
33532fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
33542fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33552fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
33562fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
33572fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'version.dll'.
33582fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
33592fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
33602fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
33612fe8.1be8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
33622fe8.1be8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvd3dumx.dll) WinVerifyTrust
33632fe8.1be8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvd3dumx.dll
33642fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
33652fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
33662fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
33672fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
33682fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
33692fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
33702fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
33712fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
33722fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
33732fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
33742fe8.1be8: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
33752fe8.1be8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
33762fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvd3dumx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33772fe8.1be8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvd3dumx.dll
33782fe8.1be8: supR3HardenedDllNotificationCallback: load 00007ffddbd80000 LB 0x01504000 C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvd3dumx.dll [fFlags=0x0]
33792fe8.1be8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvd3dumx.dll
33802fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
33812fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33822fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
33832fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
33842fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33852fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
33862fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
33872fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33882fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
33892fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
33902fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33912fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
33922fe8.1be8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
33932fe8.1be8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
33942fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-l1-2-1'
33952fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffddbd80000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvd3dumx.dll'
33962fe8.1be8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe23340000 'C:\Windows\System32\gdi32.dll'
33972fe8.328c: '\Device\HarddiskVolume3\Windows\System32\tzres.dll' has no imports
33982fe8.328c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\tzres.dll)
33992fe8.328c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\tzres.dll
34002fe8.328c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000b50 (hFile=0000000000000b3c) with 0xc0000022 -> STATUS_TRUST_FAILURE
34012fe8.328c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\tzres.dll [avoiding WinVerifyTrust]
34022fe8.328c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000b3c (hFile=0000000000000b50) with 0xc0000022 -> STATUS_TRUST_FAILURE
34032fe8.2810: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000adc pwszName=\Device\HarddiskVolume3\Windows\System32\tzres.dll
34042fe8.2810: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001a52e30
34052fe8.2810: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001a52e30
34062fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
34072fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\CRYPT32.dll'
34082fe8.2810: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8867A3D506FE23E5881B28A9F704179D1A9B603A
34092fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
34102fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
34112fe8.2810: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_727_for_KB4022716~31bf3856ad364e35~amd64~~10.0.1.5.cat'; file='\Device\HarddiskVolume3\Windows\System32\tzres.dll'
34122fe8.2810: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34132fe8.2810: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\tzres.dll'
34142fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
34152fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34162fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
34172fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-core-resourcepolicy-l1-1-0.dll) -> 0x0, fPresent=1
34182fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-core-resourcepolicy-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34192fe8.2810: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34202fe8.2810: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'rpcrt4.dll'.
34212fe8.2810: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll)
34222fe8.2810: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll
34232fe8.2810: supR3HardenedDllNotificationCallback: load 00007ffe1e430000 LB 0x0001e000 C:\Windows\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
34242fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
34252fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1e430000 'ext-ms-win-core-resourcepolicy-l1-1-0.dll'
34262fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34272fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34282fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34292fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
34302fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
34312fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
34322fe8.2810: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll'
34332fe8.2810: supR3HardenedDllNotificationCallback: Unload 00007ffe1e430000 LB 0x0001e000 C:\Windows\SYSTEM32\resourcepolicyclient.dll [flags=0x0]
34342fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
34352fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34362fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
34372fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20ac0000 'C:\Windows\system32\user32.dll'
34382fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
34392fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34402fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22e70000 'C:\Windows\System32\kernel32.dll'
34412fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll
34422fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\powrprof.dll (Input=powrprof.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34432fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f970000 'C:\Windows\System32\powrprof.dll'
34442fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe21830000 'C:\Windows\System32\Shell32.dll'
34452fe8.2810: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
34462fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
34472fe8.2810: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
34482fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
34492fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
34502fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
34512fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
34522fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34532fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f3c0000 'C:\Windows\System32\cryptbase.dll'
34542fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\wintrust.dll'
34552fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
34562fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
34572fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34582fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
34592fe8.2810: \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll: Owner is administrators group.
34602fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
34612fe8.2810: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
34622fe8.2810: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
34632fe8.2810: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'version.dll'.
34642fe8.2810: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll) WinVerifyTrust
34652fe8.2810: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
34662fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
34672fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
34682fe8.2810: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
34692fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
34702fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
34712fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
34722fe8.2810: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
34732fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34742fe8.2810: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
34752fe8.2810: supR3HardenedDllNotificationCallback: load 00007ffdfb170000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [fFlags=0x0]
34762fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
34772fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
34782fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34792fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
34802fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
34812fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34822fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
34832fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
34842fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34852fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
34862fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
34872fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34882fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
34892fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
34902fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34912fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-l1-2-1'
34922fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdfb170000 'C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll'
34932fe8.2810: supR3HardenedDllNotificationCallback: Unload 00007ffdfb170000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [flags=0x0]
34942fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d9.dll
34952fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34962fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe07f50000 'C:\Windows\system32\d3d9.dll'
34972fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
34982fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34992fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
35002fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
35012fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35022fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
35032fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20ac0000 'C:\Windows\system32\user32.dll'
35042fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll
35052fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\powrprof.dll (Input=powrprof.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35062fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f970000 'C:\Windows\System32\powrprof.dll'
35072fe8.2810: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
35082fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
35092fe8.2810: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
35102fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
35112fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
35122fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\CRYPT32.dll'
35132fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
35142fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
35152fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
35162fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35172fe8.2810: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
35182fe8.2810: supR3HardenedDllNotificationCallback: load 00007ffdfb170000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [fFlags=0x0]
35192fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
35202fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
35212fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35222fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
35232fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
35242fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35252fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
35262fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
35272fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35282fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
35292fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
35302fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35312fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
35322fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
35332fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35342fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-l1-2-1'
35352fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdfb170000 'C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll'
35362fe8.2810: supR3HardenedDllNotificationCallback: Unload 00007ffdfb170000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [flags=0x0]
35372fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d9.dll
35382fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35392fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe07f50000 'C:\Windows\system32\d3d9.dll'
35402fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
35412fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35422fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
35432fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll
35442fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35452fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
35462fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20ac0000 'C:\Windows\system32\user32.dll'
35472fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll
35482fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\powrprof.dll (Input=powrprof.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35492fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f970000 'C:\Windows\System32\powrprof.dll'
35502fe8.2810: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
35512fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
35522fe8.2810: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
35532fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
35542fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
35552fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\CRYPT32.dll'
35562fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
35572fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
35582fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
35592fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35602fe8.2810: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
35612fe8.2810: supR3HardenedDllNotificationCallback: load 00007ffdfb170000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [fFlags=0x0]
35622fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll
35632fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
35642fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35652fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
35662fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
35672fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35682fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
35692fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
35702fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35712fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
35722fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
35732fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35742fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
35752fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
35762fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
35772fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-l1-2-1'
35782fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdfb170000 'C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll'
35792fe8.2810: supR3HardenedDllNotificationCallback: Unload 00007ffdfb170000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [flags=0x0]
35802fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d9.dll
35812fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35822fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe07f50000 'C:\Windows\system32\d3d9.dll'
35832fe8.328c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
35842fe8.328c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
35852fe8.328c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\CRYPT32.dll'
35862fe8.328c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\crypt32.dll'
35872fe8.328c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ws2_32.dll'.
35882fe8.328c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
35892fe8.328c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mswsock.dll) WinVerifyTrust
35902fe8.328c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mswsock.dll
35912fe8.328c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
35922fe8.328c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
35932fe8.328c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
35942fe8.328c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
35952fe8.328c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
35962fe8.328c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35972fe8.328c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
35982fe8.328c: supR3HardenedDllNotificationCallback: load 00007ffe1f220000 LB 0x0005c000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
35992fe8.328c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
36002fe8.328c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f220000 'C:\Windows\system32\mswsock.dll'
36012fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
36022fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe18fa0000 'C:\Windows\System32\DriverStore\FileRepository\nvltwi.inf_amd64_662b3d9520a853d4\nvldumdx.dll'
36032fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20ac0000 'C:\Windows\system32\user32.dll'
36042fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll
36052fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\powrprof.dll (Input=powrprof.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
36062fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1f970000 'C:\Windows\System32\powrprof.dll'
36072fe8.2810: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
36082fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
36092fe8.2810: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
36102fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
36112fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe20930000 'C:\Windows\System32\WINTRUST.DLL'
36122fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fbc0000 'C:\Windows\System32\CRYPT32.dll'
36132fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1ee50000 'C:\Windows\system32\rsaenh.dll'
36142fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1b420000 'C:\Windows\System32\cryptnet.dll'
36152fe8.2810: supR3HardenedDllNotificationCallback: load 00007ffdfb170000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [fFlags=0x0]
36162fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
36172fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
36182fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
36192fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
36202fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
36212fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
36222fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
36232fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
36242fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-synch-l1-2-0'
36252fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
36262fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
36272fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-fibers-l1-1-1'
36282fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
36292fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
36302fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe1fd90000 'api-ms-win-core-localization-l1-2-1'
36312fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffdfb170000 'C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll'
36322fe8.2810: supR3HardenedDllNotificationCallback: Unload 00007ffdfb170000 LB 0x0009e000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraWhitelisting64.dll [flags=0x0]
36332fe8.2810: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d9.dll
36342fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36352fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe07f50000 'C:\Windows\system32\d3d9.dll'
36362fe8.2810: KiUserExceptionDispatcher: 0xc0000005 (0000000000000000, 0000000000000000) @ 00007ffddd321192 (flags=0x0)
3637 rax=0000000000000000 rbx=00000000145f4048 rcx=0000000000000000 rdx=00000000116df800
3638 rsi=0000000000000018 rdi=00000000145f4040 r8 =000000000616dbb0 r9 =0000000000000000
3639 r10=0000000005581510 r11=00000000145f4044 r12=000000000d270000 r13=0000000006ed7680
3640 r14=000000000d270800 r15=000000000d290000 P1=00000000067f9b9c P2=00000000116df0e0
3641 rip=00007ffddd321192 rsp=00000000116df7e0 rbp=00000000116df920 ctxflags=0010005f
3642 cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b eflags=00010246 mxcrx=00001fa0
3643 P3=0000000000000c8c P4=0000000000000040 P5=00000000067f9b9c P6=00007ffdf5f5b0bf
3644 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
3645 dr6=0000000000000000 dr7=0000000000000000 vcr=00000000017a00c0 dcr=0000000000000004
3646 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
36472fe8.2810: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-kernel32-errorhandling-l1-1-0.dll) -> 0x0, fPresent=1
36482fe8.2810: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-kernel32-errorhandling-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36492fe8.2810: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffe22e70000 'ext-ms-win-kernel32-errorhandling-l1-1-0.dll'
36501b80.22f8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 42243769 ms, the end);
36513668.398c: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000005 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 42244427 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy