VirtualBox

Ticket #19402: VBoxHardening.log

File VBoxHardening.log, 443.3 KB (added by Mariana89, 5 years ago)

VBoxHardening.log

Line 
110f8.3158: Log file opened: 6.1.0r135406 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047ba00
210f8.3158: \SystemRoot\System32\ntdll.dll:
310f8.3158: CreationTime: 2020-03-12T18:03:23.862783400Z
410f8.3158: LastWriteTime: 2020-03-12T18:03:23.901822700Z
510f8.3158: ChangeTime: 2020-03-13T23:09:20.291227300Z
610f8.3158: FileAttributes: 0x20
710f8.3158: Size: 0x1e8450
810f8.3158: NT Headers: 0xd8
910f8.3158: Timestamp: 0x64d10ee0
1010f8.3158: Machine: 0x8664 - amd64
1110f8.3158: Timestamp: 0x64d10ee0
1210f8.3158: Image Version: 10.0
1310f8.3158: SizeOfImage: 0x1f0000 (2031616)
1410f8.3158: Resource Dir: 0x17f000 LB 0x6f310
1510f8.3158: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1610f8.3158: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1710f8.3158: ProductName: Microsoft® Windows® Operating System
1810f8.3158: ProductVersion: 10.0.18362.719
1910f8.3158: FileVersion: 10.0.18362.719 (WinBuild.160101.0800)
2010f8.3158: FileDescription: NT Layer DLL
2110f8.3158: \SystemRoot\System32\kernel32.dll:
2210f8.3158: CreationTime: 2019-09-12T18:16:18.691799400Z
2310f8.3158: LastWriteTime: 2019-09-12T18:16:18.748641600Z
2410f8.3158: ChangeTime: 2020-03-12T18:04:13.145910600Z
2510f8.3158: FileAttributes: 0x20
2610f8.3158: Size: 0xb0570
2710f8.3158: NT Headers: 0xe8
2810f8.3158: Timestamp: 0xd0cecc10
2910f8.3158: Machine: 0x8664 - amd64
3010f8.3158: Timestamp: 0xd0cecc10
3110f8.3158: Image Version: 10.0
3210f8.3158: SizeOfImage: 0xb2000 (729088)
3310f8.3158: Resource Dir: 0xb0000 LB 0x520
3410f8.3158: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3510f8.3158: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3610f8.3158: ProductName: Microsoft® Windows® Operating System
3710f8.3158: ProductVersion: 10.0.18362.329
3810f8.3158: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
3910f8.3158: FileDescription: Windows NT BASE API Client DLL
4010f8.3158: \SystemRoot\System32\KernelBase.dll:
4110f8.3158: CreationTime: 2020-03-12T18:03:24.571361200Z
4210f8.3158: LastWriteTime: 2020-03-12T18:03:24.631875100Z
4310f8.3158: ChangeTime: 2020-03-13T23:09:19.494530700Z
4410f8.3158: FileAttributes: 0x20
4510f8.3158: Size: 0x2a3e38
4610f8.3158: NT Headers: 0xf0
4710f8.3158: Timestamp: 0xb31987d3
4810f8.3158: Machine: 0x8664 - amd64
4910f8.3158: Timestamp: 0xb31987d3
5010f8.3158: Image Version: 10.0
5110f8.3158: SizeOfImage: 0x2a3000 (2764800)
5210f8.3158: Resource Dir: 0x27d000 LB 0x548
5310f8.3158: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5410f8.3158: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5510f8.3158: ProductName: Microsoft® Windows® Operating System
5610f8.3158: ProductVersion: 10.0.18362.719
5710f8.3158: FileVersion: 10.0.18362.719 (WinBuild.160101.0800)
5810f8.3158: FileDescription: Windows NT BASE API Client DLL
5910f8.3158: \SystemRoot\System32\apisetschema.dll:
6010f8.3158: CreationTime: 2019-03-19T04:43:54.837151500Z
6110f8.3158: LastWriteTime: 2019-03-19T04:43:54.837151500Z
6210f8.3158: ChangeTime: 2020-03-12T18:04:13.130294300Z
6310f8.3158: FileAttributes: 0x20
6410f8.3158: Size: 0x1d028
6510f8.3158: NT Headers: 0xc8
6610f8.3158: Timestamp: 0xd6ced080
6710f8.3158: Machine: 0x8664 - amd64
6810f8.3158: Timestamp: 0xd6ced080
6910f8.3158: Image Version: 10.0
7010f8.3158: SizeOfImage: 0x1e000 (122880)
7110f8.3158: Resource Dir: 0x1d000 LB 0x408
7210f8.3158: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7310f8.3158: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
7410f8.3158: ProductName: Microsoft® Windows® Operating System
7510f8.3158: ProductVersion: 10.0.18362.1
7610f8.3158: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
7710f8.3158: FileDescription: ApiSet Schema DLL
7810f8.3158: NtOpenDirectoryObject failed on \Driver: 0xc0000022
7910f8.3158: supR3HardenedWinFindAdversaries: 0x0
8010f8.3158: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
8110f8.3158: Calling main()
8210f8.3158: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
8310f8.3158: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
8410f8.3158: SUPR3HardenedMain: Respawn #1
8510f8.3158: System32: \Device\HarddiskVolume3\Windows\System32
8610f8.3158: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
8710f8.3158: KnownDllPath: C:\WINDOWS\System32
8810f8.3158: supR3HardenedWinInit: Performing a limited self purification...
8910f8.3158: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
9010f8.3158: *0000000000000000-000000000004ffff 0x0001/0x0000 0x0000000
9110f8.3158: *0000000000050000-000000000005ffff 0x0004/0x0004 0x0040000
9210f8.3158: 0000000000060000-000000000006ffff 0x0001/0x0000 0x0000000
9310f8.3158: *0000000000070000-000000000008afff 0x0002/0x0002 0x0040000
9410f8.3158: 000000000008b000-000000000008ffff 0x0001/0x0000 0x0000000
9510f8.3158: *0000000000090000-0000000000148fff 0x0000/0x0004 0x0020000
9610f8.3158: 0000000000149000-000000000014bfff 0x0104/0x0004 0x0020000
9710f8.3158: 000000000014c000-000000000018ffff 0x0004/0x0004 0x0020000
9810f8.3158: *0000000000190000-0000000000193fff 0x0002/0x0002 0x0040000
9910f8.3158: 0000000000194000-000000000019ffff 0x0001/0x0000 0x0000000
10010f8.3158: *00000000001a0000-00000000001a1fff 0x0004/0x0004 0x0020000
10110f8.3158: 00000000001a2000-00000000001affff 0x0001/0x0000 0x0000000
10210f8.3158: *00000000001b0000-00000000001b1fff 0x0004/0x0004 0x0020000
10310f8.3158: 00000000001b2000-00000000001c9fff 0x0000/0x0004 0x0020000
10410f8.3158: 00000000001ca000-00000000001fffff 0x0001/0x0000 0x0000000
10510f8.3158: *0000000000200000-0000000000213fff 0x0000/0x0004 0x0020000
10610f8.3158: 0000000000214000-0000000000216fff 0x0004/0x0004 0x0020000
10710f8.3158: 0000000000217000-00000000003fffff 0x0000/0x0004 0x0020000
10810f8.3158: 0000000000400000-000000000046ffff 0x0001/0x0000 0x0000000
10910f8.3158: *0000000000470000-0000000000475fff 0x0004/0x0004 0x0020000
11010f8.3158: 0000000000476000-000000000056ffff 0x0000/0x0004 0x0020000
11110f8.3158: *0000000000570000-0000000000636fff 0x0002/0x0002 0x0040000
11210f8.3158: 0000000000637000-000000000071ffff 0x0001/0x0000 0x0000000
11310f8.3158: *0000000000720000-000000000072efff 0x0004/0x0004 0x0020000
11410f8.3158: 000000000072f000-000000000072ffff 0x0000/0x0004 0x0020000
11510f8.3158: *0000000000730000-0000000000739fff 0x0000/0x0004 0x0020000
11610f8.3158: 000000000073a000-000000000092afff 0x0004/0x0004 0x0020000
11710f8.3158: 000000000092b000-000000000092bfff 0x0000/0x0004 0x0020000
11810f8.3158: 000000000092c000-000000000092ffff 0x0001/0x0000 0x0000000
11910f8.3158: *0000000000930000-000000000094cfff 0x0004/0x0004 0x0020000
12010f8.3158: 000000000094d000-0000000000a2ffff 0x0000/0x0004 0x0020000
12110f8.3158: 0000000000a30000-000000007ffdffff 0x0001/0x0000 0x0000000
12210f8.3158: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
12310f8.3158: 000000007ffe1000-000000007ffebfff 0x0001/0x0000 0x0000000
12410f8.3158: *000000007ffec000-000000007ffecfff 0x0002/0x0002 0x0020000
12510f8.3158: 000000007ffed000-00007ff48bd4ffff 0x0001/0x0000 0x0000000
12610f8.3158: *00007ff48bd50000-00007ff48bd54fff 0x0002/0x0002 0x0040000
12710f8.3158: 00007ff48bd55000-00007ff48be4ffff 0x0000/0x0002 0x0040000
12810f8.3158: *00007ff48be50000-00007ff58be6ffff 0x0000/0x0004 0x0020000
12910f8.3158: *00007ff58be70000-00007ff58de6ffff 0x0000/0x0004 0x0020000
13010f8.3158: 00007ff58de70000-00007ff58de70fff 0x0004/0x0004 0x0020000
13110f8.3158: 00007ff58de71000-00007ff58de7ffff 0x0001/0x0000 0x0000000
13210f8.3158: *00007ff58de80000-00007ff58de80fff 0x0002/0x0002 0x0040000
13310f8.3158: 00007ff58de81000-00007ff58de8ffff 0x0001/0x0000 0x0000000
13410f8.3158: *00007ff58de90000-00007ff58deb2fff 0x0002/0x0002 0x0040000
13510f8.3158: 00007ff58deb3000-00007ff62aa6ffff 0x0001/0x0000 0x0000000
13610f8.3158: *00007ff62aa70000-00007ff62aa70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13710f8.3158: 00007ff62aa71000-00007ff62aae6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13810f8.3158: 00007ff62aae7000-00007ff62aae7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13910f8.3158: 00007ff62aae8000-00007ff62ab2ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14010f8.3158: 00007ff62ab30000-00007ff62ab32fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14110f8.3158: 00007ff62ab33000-00007ff62ab35fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14210f8.3158: 00007ff62ab36000-00007ff62ab38fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14310f8.3158: 00007ff62ab39000-00007ff62ab39fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14410f8.3158: 00007ff62ab3a000-00007ff62ab3bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14510f8.3158: 00007ff62ab3c000-00007ff62ab3cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14610f8.3158: 00007ff62ab3d000-00007ff62ab85fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14710f8.3158: 00007ff62ab86000-00007ffc49e5ffff 0x0001/0x0000 0x0000000
14810f8.3158: *00007ffc49e60000-00007ffc49e60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
14910f8.3158: 00007ffc49e61000-00007ffc49f65fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
15010f8.3158: 00007ffc49f66000-00007ffc4a0c7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
15110f8.3158: 00007ffc4a0c8000-00007ffc4a0cbfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
15210f8.3158: 00007ffc4a0cc000-00007ffc4a0ccfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
15310f8.3158: 00007ffc4a0cd000-00007ffc4a102fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
15410f8.3158: 00007ffc4a103000-00007ffc4bb1ffff 0x0001/0x0000 0x0000000
15510f8.3158: *00007ffc4bb20000-00007ffc4bb20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
15610f8.3158: 00007ffc4bb21000-00007ffc4bb95fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
15710f8.3158: 00007ffc4bb96000-00007ffc4bbc7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
15810f8.3158: 00007ffc4bbc8000-00007ffc4bbc8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
15910f8.3158: 00007ffc4bbc9000-00007ffc4bbc9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
16010f8.3158: 00007ffc4bbca000-00007ffc4bbd1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
16110f8.3158: 00007ffc4bbd2000-00007ffc4ca5ffff 0x0001/0x0000 0x0000000
16210f8.3158: *00007ffc4ca60000-00007ffc4ca60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
16310f8.3158: 00007ffc4ca61000-00007ffc4cb77fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
16410f8.3158: 00007ffc4cb78000-00007ffc4cbbefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
16510f8.3158: 00007ffc4cbbf000-00007ffc4cbbffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
16610f8.3158: 00007ffc4cbc0000-00007ffc4cbc1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
16710f8.3158: 00007ffc4cbc2000-00007ffc4cbcafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
16810f8.3158: 00007ffc4cbcb000-00007ffc4cc4ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
16910f8.3158: 00007ffc4cc50000-00007ffffffeffff 0x0001/0x0000 0x0000000
17010f8.3158: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
17110f8.3158: kernelbase.dll: timestamp 0xb31987d3 (rc=VINF_SUCCESS)
17210f8.3158: VirtualBoxVM.exe: timestamp 0x5defad4f (rc=VINF_SUCCESS)
17310f8.3158: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
17410f8.3158: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
17510f8.3158: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
17610f8.3158: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
17710f8.3158: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
17810f8.3158: supR3HardNtEnableThreadCreationEx:
17910f8.3158: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffc4cad17f0 pvNtTerminateThread=00007ffc4cafcb10
18010f8.3158: supR3HardenedWinDoReSpawn(1): New child 33b8.15d4 [kernel32].
18110f8.3158: supR3HardNtChildGatherData: PebBaseAddress=0000000000f20000 cbPeb=0x388
18210f8.3158: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffc4ca60000 uNtDllChildAddr=00007ffc4ca60000
18310f8.3158: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffc4cad17f0
18410f8.3158: supR3HardenedWinSetupChildInit: Initial context:
185 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff62aa77900 rdx=0000000000f20000
186 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
187 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
188 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
189 rip=00007ffc4cacceb0 rsp=000000000111fe58 rbp=0000000000000000 ctxflags=0010001b
190 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
191 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
192 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
193 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
194 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
19510f8.3158: supR3HardenedWinSetupChildInit: Start child.
19610f8.3158: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
19710f8.3158: supR3HardNtChildPurify: Startup delay kludge #1/0: 272 ms, 19 sleeps
19810f8.3158: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
19910f8.3158: *0000000000000000-0000000000ddffff 0x0001/0x0000 0x0000000
20010f8.3158: *0000000000de0000-0000000000dfffff 0x0004/0x0004 0x0020000
20110f8.3158: *0000000000e00000-0000000000f1ffff 0x0000/0x0004 0x0020000
20210f8.3158: 0000000000f20000-0000000000f22fff 0x0004/0x0004 0x0020000
20310f8.3158: 0000000000f23000-0000000000ffffff 0x0000/0x0004 0x0020000
20410f8.3158: *0000000001000000-000000000101afff 0x0002/0x0002 0x0040000
20510f8.3158: 000000000101b000-000000000101ffff 0x0001/0x0000 0x0000000
20610f8.3158: *0000000001020000-000000000111afff 0x0000/0x0004 0x0020000
20710f8.3158: 000000000111b000-000000000111dfff 0x0104/0x0004 0x0020000
20810f8.3158: 000000000111e000-000000000111ffff 0x0004/0x0004 0x0020000
20910f8.3158: *0000000001120000-0000000001123fff 0x0002/0x0002 0x0040000
21010f8.3158: 0000000001124000-000000000112ffff 0x0001/0x0000 0x0000000
21110f8.3158: *0000000001130000-0000000001131fff 0x0004/0x0004 0x0020000
21210f8.3158: 0000000001132000-000000007ffdffff 0x0001/0x0000 0x0000000
21310f8.3158: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
21410f8.3158: 000000007ffe1000-000000007ffebfff 0x0001/0x0000 0x0000000
21510f8.3158: *000000007ffec000-000000007ffecfff 0x0002/0x0002 0x0020000
21610f8.3158: 000000007ffed000-00007ff51011ffff 0x0001/0x0000 0x0000000
21710f8.3158: *00007ff510120000-00007ff510120fff 0x0002/0x0002 0x0040000
21810f8.3158: 00007ff510121000-00007ff51012ffff 0x0001/0x0000 0x0000000
21910f8.3158: *00007ff510130000-00007ff510152fff 0x0002/0x0002 0x0040000
22010f8.3158: 00007ff510153000-00007ff62aa6ffff 0x0001/0x0000 0x0000000
22110f8.3158: *00007ff62aa70000-00007ff62aa70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22210f8.3158: 00007ff62aa71000-00007ff62aae6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22310f8.3158: 00007ff62aae7000-00007ff62aae7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22410f8.3158: 00007ff62aae8000-00007ff62ab2ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22510f8.3158: 00007ff62ab30000-00007ff62ab30fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22610f8.3158: 00007ff62ab31000-00007ff62ab31fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22710f8.3158: 00007ff62ab32000-00007ff62ab36fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22810f8.3158: 00007ff62ab37000-00007ff62ab37fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22910f8.3158: 00007ff62ab38000-00007ff62ab38fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
23010f8.3158: 00007ff62ab39000-00007ff62ab3cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
23110f8.3158: 00007ff62ab3d000-00007ff62ab85fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
23210f8.3158: 00007ff62ab86000-00007ffc4ca5ffff 0x0001/0x0000 0x0000000
23310f8.3158: *00007ffc4ca60000-00007ffc4ca60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23410f8.3158: 00007ffc4ca61000-00007ffc4cb77fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23510f8.3158: 00007ffc4cb78000-00007ffc4cbbefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23610f8.3158: 00007ffc4cbbf000-00007ffc4cbcafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23710f8.3158: 00007ffc4cbcb000-00007ffc4cbd9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23810f8.3158: 00007ffc4cbda000-00007ffc4cbdafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
23910f8.3158: 00007ffc4cbdb000-00007ffc4cbddfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
24010f8.3158: 00007ffc4cbde000-00007ffc4cc4ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
24110f8.3158: 00007ffc4cc50000-00007ffffffeffff 0x0001/0x0000 0x0000000
24210f8.3158: supR3HardNtChildPurify: Done after 272 ms and 0 fixes (loop #0).
24333b8.15d4: Log file opened: 6.1.0r135406 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
24433b8.15d4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffc4ca60000 g_uNtVerCombined=0xa047ba00 (stack ~000000000111f8e8)
24533b8.15d4: ntdll.dll: timestamp 0x64d10ee0 (rc=VINF_SUCCESS)
24633b8.15d4: New simple heap: #1 0000000001240000 LB 0x400000 (for 2031616 allocation)
24710f8.3158: supR3HardNtEnableThreadCreationEx:
24833b8.15d4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
24933b8.15d4: System32: \Device\HarddiskVolume3\Windows\System32
25033b8.15d4: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
25133b8.15d4: KnownDllPath: C:\WINDOWS\System32
25233b8.15d4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
25333b8.15d4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
25433b8.15d4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
25533b8.15d4: Registered Dll notification callback with NTDLL.
25633b8.15d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
25733b8.15d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
25833b8.15d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
25933b8.15d4: supR3HardenedDllNotificationCallback: load 00007ffc49e60000 LB 0x002a3000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
26033b8.15d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
26133b8.15d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
26233b8.15d4: supR3HardenedDllNotificationCallback: load 00007ffc4bb20000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
26333b8.15d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
26433b8.15d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bb20000 'C:\WINDOWS\System32\KERNEL32.DLL'
26533b8.15d4: supR3HardenedDllNotificationCallback: load 00007ff62aa70000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
26633b8.15d4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
26733b8.15d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
26833b8.15d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
26933b8.15d4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffc4cad17f0 pvNtTerminateThread=00007ffc4cafcb10
27010f8.3158: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 87 ms.
27133b8.15d4: \SystemRoot\System32\ntdll.dll:
27233b8.15d4: CreationTime: 2020-03-12T18:03:23.862783400Z
27333b8.15d4: LastWriteTime: 2020-03-12T18:03:23.901822700Z
27433b8.15d4: ChangeTime: 2020-03-13T23:09:20.291227300Z
27533b8.15d4: FileAttributes: 0x20
27633b8.15d4: Size: 0x1e8450
27733b8.15d4: NT Headers: 0xd8
27833b8.15d4: Timestamp: 0x64d10ee0
27933b8.15d4: Machine: 0x8664 - amd64
28033b8.15d4: Timestamp: 0x64d10ee0
28133b8.15d4: Image Version: 10.0
28233b8.15d4: SizeOfImage: 0x1f0000 (2031616)
28333b8.15d4: Resource Dir: 0x17f000 LB 0x6f310
28433b8.15d4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
28533b8.15d4: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
28633b8.15d4: ProductName: Microsoft® Windows® Operating System
28733b8.15d4: ProductVersion: 10.0.18362.719
28833b8.15d4: FileVersion: 10.0.18362.719 (WinBuild.160101.0800)
28933b8.15d4: FileDescription: NT Layer DLL
29033b8.15d4: \SystemRoot\System32\kernel32.dll:
29133b8.15d4: CreationTime: 2019-09-12T18:16:18.691799400Z
29233b8.15d4: LastWriteTime: 2019-09-12T18:16:18.748641600Z
29333b8.15d4: ChangeTime: 2020-03-12T18:04:13.145910600Z
29433b8.15d4: FileAttributes: 0x20
29533b8.15d4: Size: 0xb0570
29633b8.15d4: NT Headers: 0xe8
29733b8.15d4: Timestamp: 0xd0cecc10
29833b8.15d4: Machine: 0x8664 - amd64
29933b8.15d4: Timestamp: 0xd0cecc10
30033b8.15d4: Image Version: 10.0
30133b8.15d4: SizeOfImage: 0xb2000 (729088)
30233b8.15d4: Resource Dir: 0xb0000 LB 0x520
30333b8.15d4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
30433b8.15d4: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
30533b8.15d4: ProductName: Microsoft® Windows® Operating System
30633b8.15d4: ProductVersion: 10.0.18362.329
30733b8.15d4: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
30833b8.15d4: FileDescription: Windows NT BASE API Client DLL
30933b8.15d4: \SystemRoot\System32\KernelBase.dll:
31033b8.15d4: CreationTime: 2020-03-12T18:03:24.571361200Z
31133b8.15d4: LastWriteTime: 2020-03-12T18:03:24.631875100Z
31233b8.15d4: ChangeTime: 2020-03-13T23:09:19.494530700Z
31333b8.15d4: FileAttributes: 0x20
31433b8.15d4: Size: 0x2a3e38
31533b8.15d4: NT Headers: 0xf0
31633b8.15d4: Timestamp: 0xb31987d3
31733b8.15d4: Machine: 0x8664 - amd64
31833b8.15d4: Timestamp: 0xb31987d3
31933b8.15d4: Image Version: 10.0
32033b8.15d4: SizeOfImage: 0x2a3000 (2764800)
32133b8.15d4: Resource Dir: 0x27d000 LB 0x548
32233b8.15d4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
32333b8.15d4: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
32433b8.15d4: ProductName: Microsoft® Windows® Operating System
32533b8.15d4: ProductVersion: 10.0.18362.719
32633b8.15d4: FileVersion: 10.0.18362.719 (WinBuild.160101.0800)
32733b8.15d4: FileDescription: Windows NT BASE API Client DLL
32833b8.15d4: \SystemRoot\System32\apisetschema.dll:
32933b8.15d4: CreationTime: 2019-03-19T04:43:54.837151500Z
33033b8.15d4: LastWriteTime: 2019-03-19T04:43:54.837151500Z
33133b8.15d4: ChangeTime: 2020-03-12T18:04:13.130294300Z
33233b8.15d4: FileAttributes: 0x20
33333b8.15d4: Size: 0x1d028
33433b8.15d4: NT Headers: 0xc8
33533b8.15d4: Timestamp: 0xd6ced080
33633b8.15d4: Machine: 0x8664 - amd64
33733b8.15d4: Timestamp: 0xd6ced080
33833b8.15d4: Image Version: 10.0
33933b8.15d4: SizeOfImage: 0x1e000 (122880)
34033b8.15d4: Resource Dir: 0x1d000 LB 0x408
34133b8.15d4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
34233b8.15d4: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
34333b8.15d4: ProductName: Microsoft® Windows® Operating System
34433b8.15d4: ProductVersion: 10.0.18362.1
34533b8.15d4: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
34633b8.15d4: FileDescription: ApiSet Schema DLL
34733b8.15d4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
34833b8.15d4: supR3HardenedWinFindAdversaries: 0x0
34933b8.15d4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
35033b8.15d4: Calling main()
35133b8.15d4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
35233b8.15d4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
35333b8.15d4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
35433b8.15d4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
35533b8.15d4: SUPR3HardenedMain: Respawn #2
35633b8.15d4: supR3HardNtEnableThreadCreationEx:
35733b8.15d4: supR3HardenedDllNotificationCallback: load 00007ffc4b300000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
35833b8.15d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
35933b8.15d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
36033b8.15d4: supR3HardenedDllNotificationCallback: load 00007ffc4b4b0000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
36133b8.15d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
36233b8.15d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
36333b8.15d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
36433b8.15d4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
36533b8.15d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
36633b8.15d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
36733b8.15d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
36833b8.15d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
36933b8.15d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
37033b8.15d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
37133b8.15d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ca60000 'C:\WINDOWS\System32\ntdll.dll'
37233b8.15d4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffc4cad17f0 pvNtTerminateThread=00007ffc4cafcb10
37333b8.15d4: supR3HardenedWinDoReSpawn(2): New child 2150.2c68 [kernel32].
37433b8.15d4: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
37533b8.15d4: supR3HardNtChildGatherData: PebBaseAddress=00000000005a9000 cbPeb=0x388
37633b8.15d4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffc4ca60000 uNtDllChildAddr=00007ffc4ca60000
37733b8.15d4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffc4cad17f0
37833b8.15d4: supR3HardenedWinSetupChildInit: Initial context:
379 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff62aa77900 rdx=00000000005a9000
380 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
381 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
382 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
383 rip=00007ffc4cacceb0 rsp=00000000006ffc48 rbp=0000000000000000 ctxflags=0010001b
384 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
385 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
386 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
387 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
388 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
38933b8.15d4: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
39033b8.15d4: supR3HardenedWinSetupChildInit: Start child.
39133b8.15d4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
39233b8.15d4: supR3HardNtChildPurify: Startup delay kludge #1/0: 263 ms, 21 sleeps
39333b8.15d4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
39433b8.15d4: *0000000000000000-000000000037ffff 0x0001/0x0000 0x0000000
39533b8.15d4: *0000000000380000-000000000039ffff 0x0004/0x0004 0x0020000
39633b8.15d4: *00000000003a0000-00000000003bafff 0x0002/0x0002 0x0040000
39733b8.15d4: 00000000003bb000-00000000003bffff 0x0001/0x0000 0x0000000
39833b8.15d4: *00000000003c0000-00000000003c3fff 0x0002/0x0002 0x0040000
39933b8.15d4: 00000000003c4000-00000000003cffff 0x0001/0x0000 0x0000000
40033b8.15d4: *00000000003d0000-00000000003d1fff 0x0004/0x0004 0x0020000
40133b8.15d4: 00000000003d2000-00000000003fffff 0x0001/0x0000 0x0000000
40233b8.15d4: *0000000000400000-00000000005a8fff 0x0000/0x0004 0x0020000
40333b8.15d4: 00000000005a9000-00000000005abfff 0x0004/0x0004 0x0020000
40433b8.15d4: 00000000005ac000-00000000005fffff 0x0000/0x0004 0x0020000
40533b8.15d4: *0000000000600000-00000000006fafff 0x0000/0x0004 0x0020000
40633b8.15d4: 00000000006fb000-00000000006fdfff 0x0104/0x0004 0x0020000
40733b8.15d4: 00000000006fe000-00000000006fffff 0x0004/0x0004 0x0020000
40833b8.15d4: 0000000000700000-000000007ffdffff 0x0001/0x0000 0x0000000
40933b8.15d4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
41033b8.15d4: 000000007ffe1000-000000007ffebfff 0x0001/0x0000 0x0000000
41133b8.15d4: *000000007ffec000-000000007ffecfff 0x0002/0x0002 0x0020000
41233b8.15d4: 000000007ffed000-00007ff5a27bffff 0x0001/0x0000 0x0000000
41333b8.15d4: *00007ff5a27c0000-00007ff5a27c0fff 0x0002/0x0002 0x0040000
41433b8.15d4: 00007ff5a27c1000-00007ff5a27cffff 0x0001/0x0000 0x0000000
41533b8.15d4: *00007ff5a27d0000-00007ff5a27f2fff 0x0002/0x0002 0x0040000
41633b8.15d4: 00007ff5a27f3000-00007ff62aa6ffff 0x0001/0x0000 0x0000000
41733b8.15d4: *00007ff62aa70000-00007ff62aa70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
41833b8.15d4: 00007ff62aa71000-00007ff62aae6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
41933b8.15d4: 00007ff62aae7000-00007ff62aae7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42033b8.15d4: 00007ff62aae8000-00007ff62ab2ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42133b8.15d4: 00007ff62ab30000-00007ff62ab30fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42233b8.15d4: 00007ff62ab31000-00007ff62ab31fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42333b8.15d4: 00007ff62ab32000-00007ff62ab36fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42433b8.15d4: 00007ff62ab37000-00007ff62ab37fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42533b8.15d4: 00007ff62ab38000-00007ff62ab38fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42633b8.15d4: 00007ff62ab39000-00007ff62ab3cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42733b8.15d4: 00007ff62ab3d000-00007ff62ab85fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
42833b8.15d4: 00007ff62ab86000-00007ffc4ca5ffff 0x0001/0x0000 0x0000000
42933b8.15d4: *00007ffc4ca60000-00007ffc4ca60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
43033b8.15d4: 00007ffc4ca61000-00007ffc4cb77fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
43133b8.15d4: 00007ffc4cb78000-00007ffc4cbbefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
43233b8.15d4: 00007ffc4cbbf000-00007ffc4cbcafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
43333b8.15d4: 00007ffc4cbcb000-00007ffc4cbd9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
43433b8.15d4: 00007ffc4cbda000-00007ffc4cbdafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
43533b8.15d4: 00007ffc4cbdb000-00007ffc4cbddfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
43633b8.15d4: 00007ffc4cbde000-00007ffc4cc4ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
43733b8.15d4: 00007ffc4cc50000-00007ffffffeffff 0x0001/0x0000 0x0000000
43833b8.15d4: VirtualBoxVM.exe: timestamp 0x5defad4f (rc=VINF_SUCCESS)
43933b8.15d4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
44033b8.15d4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
44133b8.15d4: supR3HardNtChildPurify: Done after 317 ms and 0 fixes (loop #0).
4422150.2c68: Log file opened: 6.1.0r135406 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
4432150.2c68: supR3HardenedVmProcessInit: uNtDllAddr=00007ffc4ca60000 g_uNtVerCombined=0xa047ba00 (stack ~00000000006ff6d8)
4442150.2c68: ntdll.dll: timestamp 0x64d10ee0 (rc=VINF_SUCCESS)
4452150.2c68: New simple heap: #1 0000000000800000 LB 0x400000 (for 2031616 allocation)
44633b8.15d4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001240000 LB 0x400000)
44733b8.15d4: supR3HardNtEnableThreadCreationEx:
4482150.2c68: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
4492150.2c68: System32: \Device\HarddiskVolume3\Windows\System32
4502150.2c68: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
4512150.2c68: KnownDllPath: C:\WINDOWS\System32
4522150.2c68: supR3HardenedVmProcessInit: Opening vboxdrv...
4532150.2c68: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
4542150.2c68: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
4552150.2c68: Registered Dll notification callback with NTDLL.
4562150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
4572150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
4582150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
4592150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49e60000 LB 0x002a3000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
4602150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
4612150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
4622150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4bb20000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
4632150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
4642150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bb20000 'C:\WINDOWS\System32\KERNEL32.DLL'
4652150.2c68: supR3HardenedDllNotificationCallback: load 00007ff62aa70000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
4662150.2c68: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
4672150.2c68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
4682150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4692150.2c68: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffc4cad17f0 pvNtTerminateThread=00007ffc4cafcb10
47033b8.15d4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 96 ms.
4712150.2c68: \SystemRoot\System32\ntdll.dll:
4722150.2c68: CreationTime: 2020-03-12T18:03:23.862783400Z
4732150.2c68: LastWriteTime: 2020-03-12T18:03:23.901822700Z
4742150.2c68: ChangeTime: 2020-03-13T23:09:20.291227300Z
4752150.2c68: FileAttributes: 0x20
4762150.2c68: Size: 0x1e8450
4772150.2c68: NT Headers: 0xd8
4782150.2c68: Timestamp: 0x64d10ee0
4792150.2c68: Machine: 0x8664 - amd64
4802150.2c68: Timestamp: 0x64d10ee0
4812150.2c68: Image Version: 10.0
4822150.2c68: SizeOfImage: 0x1f0000 (2031616)
4832150.2c68: Resource Dir: 0x17f000 LB 0x6f310
4842150.2c68: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4852150.2c68: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
4862150.2c68: ProductName: Microsoft® Windows® Operating System
4872150.2c68: ProductVersion: 10.0.18362.719
4882150.2c68: FileVersion: 10.0.18362.719 (WinBuild.160101.0800)
4892150.2c68: FileDescription: NT Layer DLL
4902150.2c68: \SystemRoot\System32\kernel32.dll:
4912150.2c68: CreationTime: 2019-09-12T18:16:18.691799400Z
4922150.2c68: LastWriteTime: 2019-09-12T18:16:18.748641600Z
4932150.2c68: ChangeTime: 2020-03-12T18:04:13.145910600Z
4942150.2c68: FileAttributes: 0x20
4952150.2c68: Size: 0xb0570
4962150.2c68: NT Headers: 0xe8
4972150.2c68: Timestamp: 0xd0cecc10
4982150.2c68: Machine: 0x8664 - amd64
4992150.2c68: Timestamp: 0xd0cecc10
5002150.2c68: Image Version: 10.0
5012150.2c68: SizeOfImage: 0xb2000 (729088)
5022150.2c68: Resource Dir: 0xb0000 LB 0x520
5032150.2c68: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5042150.2c68: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
5052150.2c68: ProductName: Microsoft® Windows® Operating System
5062150.2c68: ProductVersion: 10.0.18362.329
5072150.2c68: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
5082150.2c68: FileDescription: Windows NT BASE API Client DLL
5092150.2c68: \SystemRoot\System32\KernelBase.dll:
5102150.2c68: CreationTime: 2020-03-12T18:03:24.571361200Z
5112150.2c68: LastWriteTime: 2020-03-12T18:03:24.631875100Z
5122150.2c68: ChangeTime: 2020-03-13T23:09:19.494530700Z
5132150.2c68: FileAttributes: 0x20
5142150.2c68: Size: 0x2a3e38
5152150.2c68: NT Headers: 0xf0
5162150.2c68: Timestamp: 0xb31987d3
5172150.2c68: Machine: 0x8664 - amd64
5182150.2c68: Timestamp: 0xb31987d3
5192150.2c68: Image Version: 10.0
5202150.2c68: SizeOfImage: 0x2a3000 (2764800)
5212150.2c68: Resource Dir: 0x27d000 LB 0x548
5222150.2c68: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5232150.2c68: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5242150.2c68: ProductName: Microsoft® Windows® Operating System
5252150.2c68: ProductVersion: 10.0.18362.719
5262150.2c68: FileVersion: 10.0.18362.719 (WinBuild.160101.0800)
5272150.2c68: FileDescription: Windows NT BASE API Client DLL
5282150.2c68: \SystemRoot\System32\apisetschema.dll:
5292150.2c68: CreationTime: 2019-03-19T04:43:54.837151500Z
5302150.2c68: LastWriteTime: 2019-03-19T04:43:54.837151500Z
5312150.2c68: ChangeTime: 2020-03-12T18:04:13.130294300Z
5322150.2c68: FileAttributes: 0x20
5332150.2c68: Size: 0x1d028
5342150.2c68: NT Headers: 0xc8
5352150.2c68: Timestamp: 0xd6ced080
5362150.2c68: Machine: 0x8664 - amd64
5372150.2c68: Timestamp: 0xd6ced080
5382150.2c68: Image Version: 10.0
5392150.2c68: SizeOfImage: 0x1e000 (122880)
5402150.2c68: Resource Dir: 0x1d000 LB 0x408
5412150.2c68: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5422150.2c68: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
5432150.2c68: ProductName: Microsoft® Windows® Operating System
5442150.2c68: ProductVersion: 10.0.18362.1
5452150.2c68: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
5462150.2c68: FileDescription: ApiSet Schema DLL
5472150.2c68: NtOpenDirectoryObject failed on \Driver: 0xc0000022
5482150.2c68: supR3HardenedWinFindAdversaries: 0x0
5492150.2c68: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
5502150.2c68: Calling main()
5512150.2c68: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
5522150.2c68: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
5532150.2c68: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
5542150.2c68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
5552150.2c68: SUPR3HardenedMain: Final process, opening VBoxDrv...
5562150.2c68: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000800000 LB 0x400000)
5572150.2c68: supR3HardNtEnableThreadCreationEx:
5582150.2c68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
5592150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
5602150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5612150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5622150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc445b0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
5632150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5642150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5652150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5662150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc445b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5672150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
5682150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
5692150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc445b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5702150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc445b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
5712150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
5722150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
5732150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
5742150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
5752150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
5762150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
5772150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
5782150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
5792150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
5802150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
5812150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
5822150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
5832150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msasn1.dll'.
5842150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
5852150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
5862150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
5872150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
5882150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
5892150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
5902150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
5912150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
5922150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
5932150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
5942150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
5952150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume3\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
5962150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
5972150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
5982150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4b260000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
5992150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6002150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc499b0000 LB 0x00012000 C:\WINDOWS\System32\MSASN1.dll [fFlags=0x0]
6012150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6022150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49bc0000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
6032150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll)
6042150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll
6052150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49cc0000 LB 0x00149000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
6062150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6072150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4b300000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
6082150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6092150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4a310000 LB 0x0005c000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
6102150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6112150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
6122150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6132150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-synch-l1-2-0'
6142150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
6152150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6162150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-fibers-l1-1-1'
6172150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
6182150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6192150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-fibers-l1-1-1'
6202150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
6212150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6222150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-synch-l1-2-0'
6232150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
6242150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6252150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-localization-l1-2-1'
6262150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4a310000 'C:\WINDOWS\system32\Wintrust.dll'
6272150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
6282150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
6292150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6302150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4a260000 LB 0x00026000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
6312150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6322150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4a260000 'C:\WINDOWS\system32\bcrypt.dll'
6332150.2c68: bcrypt.dll loaded at 00007ffc4a260000, BCryptOpenAlgorithmProvider at 00007ffc4a264c70, preloading providers:
6342150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
6352150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
6362150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6372150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4a290000 LB 0x00080000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
6382150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6392150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4a290000 'C:\WINDOWS\system32\bcryptprimitives.dll'
6402150.2c68: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000c2a790)
6412150.2c68: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000c2fc10)
6422150.2c68: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000c2ff10)
6432150.2c68: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000c30210)
6442150.2c68: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000c30510)
6452150.2c68: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000c30810)
6462150.2c68: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000c30b10)
6472150.2c68: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000c30e10)
6482150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4a370000 LB 0x00017000 C:\WINDOWS\System32\CRYPTSP.dll [fFlags=0x0]
6492150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
6502150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
6512150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
6522150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
6532150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
6542150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
6552150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
6562150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6572150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6582150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6592150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc48d00000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
6602150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6612150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
6622150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
6632150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
6642150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
6652150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49360000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
6662150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
6672150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
6682150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
6692150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
6702150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6712150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6722150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bb20000 'C:\WINDOWS\System32\kernel32.dll'
6732150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6742150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6752150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4a310000 'C:\WINDOWS\System32\WINTRUST.DLL'
6762150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
6772150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
6782150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\CRYPT32.dll'
6792150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4b7c0000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
6802150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
6812150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
6822150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
6832150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
6842150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6852150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6862150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6872150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6882150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
6892150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4b4b0000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
6902150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
6912150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
6922150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
6932150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6942150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
6952150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
6962150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
6972150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc48520000 LB 0x00022000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
6982150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
6992150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49980000 LB 0x00023000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
7002150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
7012150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
7022150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7032150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
7042150.2c68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
7052150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
7062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7072150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7082150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7092150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7102150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7112150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7122150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7132150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7142150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7152150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7162150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7172150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7182150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7192150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7202150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7212150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7222150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7232150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc2d8b0000 LB 0x0002f000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
7242150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7252150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7262150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7272150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7282150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7292150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7302150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7312150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7322150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7332150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7342150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7352150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7362150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7372150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7382150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7392150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7402150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7412150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7422150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7432150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7442150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7452150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7462150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7472150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7482150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7492150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7502150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7512150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7522150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7532150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\WINDOWS\System32\cryptnet.dll'
7542150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7552150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc2d8b0000 'C:\Windows\System32\cryptnet.dll'
7562150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4c7d0000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
7572150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7582150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
7592150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
7602150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
7612150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
7622150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7632150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7642150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7652150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7662150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
7672150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
7682150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
7692150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7702150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7712150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7722150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7732150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
7742150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7752150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7762150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
7772150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
7782150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000cba3b0
7792150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
7802150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9F134927D73F6FAAD67AD49B5BE994D3044A4A94
7812150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7822150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7832150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4b300000 'C:\WINDOWS\System32\rpcrt4.dll'
7842150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7852150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7862150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
7872150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7882150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7892150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
7902150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.719.cat'; file='\SystemRoot\System32\ntdll.dll'
7912150.2c68: g_pfnWinVerifyTrust=00007ffc4a3161f0
7922150.2c68: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
7932150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7942150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7952150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
7962150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7972150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7982150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
7992150.2c68: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
8002150.2c68: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
8012150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8022150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8032150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8042150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
8052150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8062150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8072150.2c68: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
8082150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8092150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8102150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8112150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8122150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
8132150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000388 pwszName=\Device\HarddiskVolume3\Windows\System32\cryptnet.dll
8142150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
8152150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
8162150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
8172150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8182150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8192150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8202150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.719.cat'; file='\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
8212150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
8222150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
8232150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8242150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8252150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8262150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
8272150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8282150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8292150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8302150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
8312150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8322150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8332150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8342150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
8352150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8362150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8372150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8382150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
8392150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8402150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8412150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8422150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
8432150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8442150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8452150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
8462150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8472150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8482150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
8492150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
8502150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8512150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8522150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8532150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
8542150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8552150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8562150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
8572150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8582150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8592150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
8602150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8612150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8622150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll'
8632150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8642150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8652150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
8662150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8672150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8682150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
8692150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8702150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8712150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
8722150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8732150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
8742150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8752150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
8762150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8772150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8782150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
8792150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
8802150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
8812150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
8822150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\system32\crypt32.dll'
8832150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x65fa45db2f64db00 C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=DNIE, CN=AC RAIZ DNIE 2
8842150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
8852150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
8862150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x20a3c30cad008000 C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=DNIE, CN=AC RAIZ DNIE
8872150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
8882150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
8892150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
8902150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
8912150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
8922150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
8932150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
8942150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
8952150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
8962150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x20a3c30cad008000 C=ES, O=DIRECCION GENERAL DE LA POLICIA, OU=DNIE, CN=AC RAIZ DNIE
8972150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
8982150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
8992150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
9002150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x6e864c7a8071ba00 C=ES, O=FNMT-RCM, OU=AC RAIZ FNMT-RCM
9012150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x50bb81640c01cb00 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
9022150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
9032150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
9042150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
9052150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
9062150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
9072150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
9082150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
9092150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x1591b8ac8dcabd00 C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
9102150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xbab415bd1e249800 C=US, OU=www.xrampsecurity.com, O=XRamp Security Services Inc, CN=XRamp Global Certification Authority
9112150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
9122150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
9132150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
9142150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
9152150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
9162150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
9172150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
9182150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
9192150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x802b3770cb00af00 C=EU, L=Madrid (see current address at www.camerfirma.com/address), SRN=A82743287, O=AC Camerfirma S.A., CN=Chambers of Commerce Root - 2008
9202150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
9212150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
9222150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
9232150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
9242150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
9252150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
9262150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
9272150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
9282150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
9292150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
9302150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
9312150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign
9322150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
9332150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
9342150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
9352150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
9362150.2c68: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
9372150.2c68: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=54
9382150.2c68: SUPR3HardenedMain: Load Runtime...
9392150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
9402150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
9412150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
9422150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
9432150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
9442150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
9452150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9462150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
9472150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
9482150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
9492150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
9502150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
9512150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
9522150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
9532150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9542150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9552150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
9562150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
9572150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
9582150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
9592150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
9602150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
9612150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
9622150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
9632150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
9642150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
9652150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9662150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9672150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
9682150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
9692150.2c68: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9702150.2c68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)
9712150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
9722150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
9732150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
9742150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
9752150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9762150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
9772150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
9782150.2c68: supR3HardenedDllNotificationCallback: load 00000000546b0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
9792150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
9802150.2c68: supR3HardenedDllNotificationCallback: load 0000000054b20000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
9812150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
9822150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4bbe0000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
9832150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
9842150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc0e3f0000 LB 0x005e7000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
9852150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9862150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9872150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
9882150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9892150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9902150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9912150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9922150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
9932150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9942150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
9952150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
9962150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9972150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
9982150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
9992150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10002150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10012150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10022150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
10032150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10042150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10052150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10062150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10072150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10082150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10092150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
10102150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10112150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10122150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10132150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10142150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10152150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10162150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
10172150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10182150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10192150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10202150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10212150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10222150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10232150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
10242150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10252150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10262150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10272150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10282150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10292150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10302150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10312150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10322150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10332150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10342150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10352150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10362150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10372150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10382150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10392150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10402150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10412150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10422150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10432150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10442150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10452150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10462150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10472150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10482150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10492150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10502150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10512150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10522150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10532150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10542150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10552150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10562150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10572150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10582150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10592150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10602150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10612150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10622150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10632150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10642150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10652150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
10662150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10672150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10682150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10692150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10702150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10712150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10722150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10732150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10742150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10752150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10762150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10772150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10782150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10792150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10802150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10812150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10822150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10832150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10842150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10852150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10862150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10872150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10882150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10892150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10902150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10912150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10922150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10932150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10942150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10952150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10962150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10972150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10982150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10992150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11002150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11012150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11022150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11032150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11042150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11052150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11062150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11072150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11082150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11092150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11102150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11112150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11122150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11132150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11142150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11152150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11162150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11172150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11182150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11192150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11202150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11212150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11222150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11232150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11242150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11252150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11262150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11272150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11282150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11292150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11302150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11312150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11322150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11332150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11342150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11352150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11362150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11372150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11382150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11392150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11402150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11412150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11422150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11432150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11442150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11452150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11462150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11472150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
11482150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11492150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11502150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11512150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11522150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11532150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11542150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11552150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11562150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11572150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11582150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11592150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11602150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11612150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11622150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0e3f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11632150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
11642150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
11652150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
11662150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
11672150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4a310000 'C:\WINDOWS\system32\Wintrust.dll'
11682150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
11692150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11702150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
11712150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
11722150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
11732150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
11742150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\system32\crypt32.dll'
11752150.2c68: SUPR3HardenedMain: Load TrustedMain...
11762150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
11772150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
11782150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
11792150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
11802150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
11812150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
11822150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
11832150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
11842150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
11852150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
11862150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
11872150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
11882150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
11892150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
11902150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
11912150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
11922150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
11932150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
11942150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
11952150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
11962150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
11972150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
11982150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) WinVerifyTrust
11992150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
12002150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
12012150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
12022150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12032150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12042150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
12052150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
12062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
12072150.2c68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
12082150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12092150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
12102150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
12112150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12122150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12132150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
12142150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
12152150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
12162150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12172150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
12182150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
12192150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
12202150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
12212150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
12222150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
12232150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12242150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12252150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12262150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12272150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
12282150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
12292150.2c68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
12302150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
12312150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'bcryptprimitives.dll'.
12322150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
12332150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
12342150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
12352150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
12362150.2c68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
12372150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll)
12382150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
12392150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
12402150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
12412150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
12422150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12432150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12442150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
12452150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
12462150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
12472150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
12482150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
12492150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
12502150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
12512150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
12522150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12532150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12542150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
12552150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
12562150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
12572150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12582150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12592150.2c68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
12602150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
12612150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
12622150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
12632150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
12642150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12652150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12662150.2c68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
12672150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
12682150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
12692150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
12702150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12712150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12722150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
12732150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
12742150.2c68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
12752150.2c68: '\Device\HarddiskVolume3\Windows\System32\win32u.dll' has no imports
12762150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll)
12772150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll
12782150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12792150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12802150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12812150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
12822150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
12832150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
12842150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
12852150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
12862150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
12872150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
12882150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) WinVerifyTrust
12892150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
12902150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
12912150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
12922150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
12932150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
12942150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
12952150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
12962150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
12972150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
12982150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
12992150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
13002150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
13012150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
13022150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
13032150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
13042150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
13052150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
13062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13072150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13082150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
13092150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13102150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13112150.2c68: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
13122150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
13132150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
13142150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
13152150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
13162150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
13172150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
13182150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
13192150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
13202150.2c68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
13212150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
13222150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13232150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13242150.2c68: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
13252150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
13262150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
13272150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
13282150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
13292150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
13302150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
13312150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
13322150.2c68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
13332150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
13342150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
13352150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
13362150.2c68: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
13372150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
13382150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
13392150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
13402150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
13412150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
13422150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
13432150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
13442150.2c68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
13452150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
13462150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13472150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13482150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
13492150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13502150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13512150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
13522150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
13532150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
13542150.2c68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
13552150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
13562150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
13572150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
13582150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
13592150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13602150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13612150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13622150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13632150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13642150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
13652150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13662150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13672150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
13682150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13692150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13702150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13712150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13722150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13732150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
13742150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13752150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13762150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
13772150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13782150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13792150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13802150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13812150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13822150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
13832150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13842150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13852150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13862150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
13872150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
13882150.2c68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'.
13892150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
13902150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
13912150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
13922150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
13932150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
13942150.2c68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
13952150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
13962150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13972150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13982150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
13992150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14002150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14012150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
14022150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14032150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14042150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
14052150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
14062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
14072150.2c68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
14082150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll)
14092150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll
14102150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
14112150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
14122150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
14132150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14142150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
14152150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
14162150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14172150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
14182150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
14192150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14202150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14212150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
14222150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14232150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14242150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14252150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
14262150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
14272150.2c68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
14282150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14292150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
14302150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
14312150.2c68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
14322150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
14332150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14342150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14352150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14362150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14372150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14382150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14392150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14402150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
14412150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
14422150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14432150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14442150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
14452150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14462150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14472150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14482150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14492150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14502150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14512150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14522150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
14532150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
14542150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14552150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14562150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14572150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14582150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14592150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
14602150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
14612150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
14622150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14632150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
14642150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
14652150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
14662150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
14672150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
14682150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
14692150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14702150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14712150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
14722150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14732150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14742150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
14752150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14762150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14772150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
14782150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14792150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14802150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
14812150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14822150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14832150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14842150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14852150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14862150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
14872150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14882150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14892150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14902150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14912150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14922150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14932150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
14942150.2c68: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
14952150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14962150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14972150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
14982150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
14992150.2c68: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
15002150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15012150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15022150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
15032150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15042150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15052150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
15062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
15072150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
15082150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
15092150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
15102150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
15112150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
15122150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
15132150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
15142150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
15152150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
15162150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
15172150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
15182150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
15192150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
15202150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
15212150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
15222150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
15232150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15242150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
15252150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
15262150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004cc pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
15272150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
15282150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
15292150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
15302150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
15312150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
15322150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
15332150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
15342150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
15352150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
15362150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
15372150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
15382150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15392150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15402150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
15412150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15422150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15432150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
15442150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
15452150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
15462150.2c68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
15472150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15482150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15492150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
15502150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15512150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15522150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
15532150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15542150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15552150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
15562150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
15572150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
15582150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
15592150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
15602150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
15612150.2c68: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
15622150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
15632150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
15642150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
15652150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
15662150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
15672150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
15682150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
15692150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
15702150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
15712150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
15722150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
15732150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
15742150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
15752150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
15762150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DXCore.dll)
15772150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DXCore.dll
15782150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc499f0000 LB 0x00021000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
15792150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
15802150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4a110000 LB 0x0009e000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
15812150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
15822150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49a20000 LB 0x00194000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
15832150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
15842150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
15852150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
15862150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
15872150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll)
15882150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll
15892150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4bd30000 LB 0x00026000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
15902150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
15912150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4bd60000 LB 0x00194000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
15922150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [avoiding WinVerifyTrust]
15932150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4b7e0000 LB 0x00336000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
15942150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
15952150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49e10000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
15962150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
15972150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
15982150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc48570000 LB 0x00020000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0]
15992150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
16002150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc25bb0000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
16012150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
16022150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc25be0000 LB 0x00156000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
16032150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
16042150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4bf00000 LB 0x000a9000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
16052150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16062150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'.
16072150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
16082150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
16092150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
16102150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49920000 LB 0x00010000 C:\WINDOWS\System32\UMPDC.dll [fFlags=0x0]
16112150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\umpdc.dll)
16122150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\umpdc.dll
16132150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49930000 LB 0x0004a000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
16142150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
16152150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'umpdc.dll'.
16162150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
16172150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
16182150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4c420000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
16192150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
16202150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
16212150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
16222150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
16232150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
16242150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc499d0000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
16252150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
16262150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
16272150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
16282150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
16292150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4a390000 LB 0x00780000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
16302150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
16312150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
16322150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'.
16332150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'.
16342150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
16352150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
16362150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4ab70000 LB 0x006e5000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
16372150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
16382150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4c630000 LB 0x00157000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
16392150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
16402150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc2d240000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
16412150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
16422150.2c68: supR3HardenedDllNotificationCallback: load 0000000054140000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
16432150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
16442150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc0d010000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
16452150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
16462150.2c68: supR3HardenedDllNotificationCallback: load 0000000053bd0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
16472150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
16482150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4c950000 LB 0x000c4000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
16492150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
16502150.2c68: supR3HardenedDllNotificationCallback: load 00007ffbf3830000 LB 0x0260b000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
16512150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
16522150.2c68: supR3HardenedDllNotificationCallback: load 0000000054ac0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
16532150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
16542150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc3f190000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
16552150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
16562150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc3f1c0000 LB 0x00024000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
16572150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
16582150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc155d0000 LB 0x001c9000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
16592150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
16602150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
16612150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
16622150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
16632150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
16642150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
16652150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
16662150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
16672150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
16682150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
16692150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
16702150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
16712150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
16722150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
16732150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
16742150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
16752150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
16762150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
16772150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
16782150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
16792150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
16802150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
16812150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
16822150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
16832150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
16842150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
16852150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
16862150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
16872150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
16882150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
16892150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
16902150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
16912150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
16922150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
16932150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
16942150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
16952150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
16962150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
16972150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
16982150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
16992150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
17002150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
17012150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
17022150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17032150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17042150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17052150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17062150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
17072150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
17082150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
17092150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
17102150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
17112150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
17122150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
17132150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
17142150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17152150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17162150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17172150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17182150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17192150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17202150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
17212150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
17222150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
17232150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17242150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17252150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
17262150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
17272150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
17282150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17292150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17302150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'umpdc.dll'...
17312150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'umpdc.dll' -> '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rcNtRedir=0xc0150008]
17322150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\umpdc.dll [redoing WinVerifyTrust]
17332150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
17342150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\umpdc.dll
17352150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17362150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17372150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
17382150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
17392150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [redoing WinVerifyTrust]
17402150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
17412150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\combase.dll
17422150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17432150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17442150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
17452150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17462150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17472150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
17482150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
17492150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
17502150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
17512150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
17522150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17532150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17542150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
17552150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
17562150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
17572150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17582150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17592150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
17602150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
17612150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
17622150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17632150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17642150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
17652150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
17662150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
17672150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
17682150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
17692150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
17702150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
17712150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
17722150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17732150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17742150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
17752150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
17762150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
17772150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17782150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bb20000 'C:\WINDOWS\System32\kernel32.dll'
17792150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
17802150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
17812150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
17822150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
17832150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
17842150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
17852150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
17862150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
17872150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
17882150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
17892150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
17902150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
17912150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
17922150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
17932150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
17942150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
17952150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
17962150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
17972150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
17982150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
17992150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
18002150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
18012150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
18022150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
18032150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18042150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18052150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
18062150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
18072150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
18082150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
18092150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
18102150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
18112150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
18122150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
18132150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
18142150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
18152150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
18162150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
18172150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
18182150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
18192150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
18202150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
18212150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
18222150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
18232150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
18242150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
18252150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
18262150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
18272150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
18282150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
18292150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
18302150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
18312150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
18322150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
18332150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
18342150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
18352150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
18362150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
18372150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
18382150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
18392150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
18402150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
18412150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18422150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18432150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
18442150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
18452150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
18462150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
18472150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
18482150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
18492150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
18502150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
18512150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
18522150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
18532150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
18542150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
18552150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
18562150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
18572150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-string-l1-1-0'
18582150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
18592150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
18602150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
18612150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
18622150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
18632150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
18642150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
18652150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
18662150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
18672150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
18682150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
18692150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
18702150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
18712150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
18722150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
18732150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
18742150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
18752150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
18762150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
18772150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
18782150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
18792150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
18802150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
18812150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
18822150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18832150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18842150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
18852150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
18862150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
18872150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
18882150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
18892150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
18902150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
18912150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
18922150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
18932150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
18942150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
18952150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
18962150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
18972150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
18982150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
18992150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
19002150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
19012150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
19022150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
19032150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
19042150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
19052150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
19062150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
19072150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
19082150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
19092150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
19102150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
19112150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
19122150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
19132150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
19142150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
19152150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
19162150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
19172150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
19182150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
19192150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
19202150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
19212150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
19222150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
19232150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
19242150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
19252150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
19262150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
19272150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
19282150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
19292150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
19302150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
19312150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
19322150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
19332150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
19342150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
19352150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
19362150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-datetime-l1-1-1'
19372150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
19382150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
19392150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
19402150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
19412150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
19422150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
19432150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
19442150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
19452150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
19462150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
19472150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
19482150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
19492150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
19502150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
19512150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
19522150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
19532150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
19542150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
19552150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
19562150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
19572150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
19582150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
19592150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
19602150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
19612150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
19622150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
19632150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
19642150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
19652150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
19662150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
19672150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
19682150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
19692150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
19702150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
19712150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
19722150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
19732150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
19742150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
19752150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
19762150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
19772150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
19782150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
19792150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
19802150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
19812150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
19822150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
19832150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
19842150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
19852150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
19862150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
19872150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
19882150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
19892150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
19902150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
19912150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
19922150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
19932150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
19942150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
19952150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
19962150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
19972150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
19982150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
19992150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20002150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20012150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
20022150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
20032150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
20042150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
20052150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
20062150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
20072150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
20082150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
20092150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
20102150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
20112150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
20122150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
20132150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
20142150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
20152150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-localization-obsolete-l1-2-0'
20162150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
20172150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
20182150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
20192150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
20202150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
20212150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
20222150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
20232150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
20242150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
20252150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
20262150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
20272150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
20282150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
20292150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
20302150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
20312150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
20322150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
20332150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
20342150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
20352150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
20362150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
20372150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
20382150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
20392150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
20402150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20412150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20422150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
20432150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
20442150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
20452150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
20462150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
20472150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
20482150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
20492150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
20502150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
20512150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
20522150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
20532150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
20542150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
20552150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
20562150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
20572150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
20582150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
20592150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
20602150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
20612150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
20622150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
20632150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
20642150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
20652150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
20662150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
20672150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
20682150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
20692150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
20702150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
20712150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
20722150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
20732150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
20742150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
20752150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
20762150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
20772150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
20782150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20792150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20802150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
20812150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
20822150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
20832150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
20842150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
20852150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
20862150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
20872150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
20882150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
20892150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
20902150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
20912150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
20922150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
20932150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
20942150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
20952150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
20962150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
20972150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
20982150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
20992150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
21002150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21012150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
21022150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21032150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21042150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
21052150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21062150.2c68: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
21072150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
21082150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4c7a0000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
21092150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
21102150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4c7a0000 'C:\WINDOWS\system32\IMM32.DLL'
21112150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
21122150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
21132150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
21142150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
21152150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
21162150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
21172150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
21182150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
21192150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
21202150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
21212150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
21222150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
21232150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
21242150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
21252150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
21262150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
21272150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
21282150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
21292150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
21302150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
21312150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
21322150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
21332150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
21342150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
21352150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
21362150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
21372150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
21382150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
21392150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21402150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
21412150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21422150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
21432150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21442150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
21452150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
21462150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
21472150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
21482150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
21492150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
21502150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
21512150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
21522150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
21532150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
21542150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
21552150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
21562150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
21572150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
21582150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
21592150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
21602150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
21612150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
21622150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
21632150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
21642150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
21652150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
21662150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
21672150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
21682150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
21692150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
21702150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
21712150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
21722150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
21732150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
21742150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
21752150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
21762150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
21772150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
21782150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
21792150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21802150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
21812150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21822150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
21832150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21842150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
21852150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
21862150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
21872150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
21882150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
21892150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
21902150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
21912150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
21922150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21932150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4c7d0000 'C:\WINDOWS\System32\ADVAPI32.DLL'
21942150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
21952150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
21962150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'.
21972150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rescheduled]
21982150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'.
21992150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll' [rescheduled]
22002150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'.
22012150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rescheduled]
22022150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'.
22032150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll' [rescheduled]
22042150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'.
22052150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll' [rescheduled]
22062150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'.
22072150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll' [rescheduled]
22082150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
22092150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rescheduled]
22102150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
22112150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
22122150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
22132150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
22142150.2c68: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
22152150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
22162150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
22172150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
22182150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
22192150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
22202150.2c68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
22212150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
22222150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
22232150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
22242150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
22252150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
22262150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
22272150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
22282150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
22292150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
22302150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
22312150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
22322150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'.
22332150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rescheduled]
22342150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc155d0000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
22352150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22362150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22372150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
22382150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22392150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22402150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'
22412150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22422150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22432150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'
22442150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22452150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22462150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
22472150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22482150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22492150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\powrprof.dll'
22502150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22512150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22522150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\umpdc.dll'
22532150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22542150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22552150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'
22562150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22572150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22582150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
22592150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22602150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22612150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'
22622150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22632150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22642150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'
22652150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d4 pwszName=\Device\HarddiskVolume3\Windows\System32\glu32.dll
22662150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
22672150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
22682150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
22692150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22702150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22712150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.449.cat'; file='\Device\HarddiskVolume3\Windows\System32\glu32.dll'
22722150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22732150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll'
22742150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22752150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22762150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll'
22772150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22782150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22792150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
22802150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22812150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
22822150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22832150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22842150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll'
22852150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22862150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22872150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
22882150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22892150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22902150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
22912150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22922150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22932150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'
22942150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
22952150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
22962150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll'
22972150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
22982150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22992150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
23002150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
23012150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll'
23022150.2c68: SUPR3HardenedMain: Calling TrustedMain (00007ffc155d16c0)...
23032150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
23042150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
23052150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
23062150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
23072150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
23082150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
23092150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
23102150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
23112150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
23122150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
23132150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
23142150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
23152150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
23162150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
23172150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23182150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23192150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
23202150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
23212150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
23222150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
23232150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
23242150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
23252150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23262150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23272150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
23282150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
23292150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
23302150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
23312150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23322150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23332150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
23342150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
23352150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
23362150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
23372150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
23382150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
23392150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
23402150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23412150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23422150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23432150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23442150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
23452150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23462150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
23472150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23482150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
23492150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc16b90000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
23502150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
23512150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc16b90000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
23522150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000640 pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23532150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
23542150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
23552150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=286AD1CEC16EFDCA5718925D19E68A486A5851A0
23562150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
23572150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
23582150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
23592150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23602150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23612150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
23622150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
23632150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) WinVerifyTrust
23642150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23652150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23662150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23672150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23682150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
23692150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23702150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23712150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
23722150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23732150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc470f0000 LB 0x00099000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
23742150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23752150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc470f0000 'C:\WINDOWS\system32\uxtheme.dll'
23762150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bd60000 'C:\WINDOWS\system32\user32.dll'
23772150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
23782150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23792150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
23802150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
23812150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23822150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bf00000 'C:\WINDOWS\system32\SHCore.dll'
23832150.2c68: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
23842150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
23852150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
23862150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23872150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\system32\winmm.dll'
23882150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
23892150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23902150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\system32\winmm.dll'
23912150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
23922150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23932150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
23942150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
23952150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23962150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc470f0000 'C:\WINDOWS\system32\uxtheme.dll'
23972150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
23982150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23992150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4c7d0000 'C:\WINDOWS\system32\advapi32.dll'
24002150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
24012150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
24022150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
24032150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'profapi.dll'.
24042150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) WinVerifyTrust
24052150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
24062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
24072150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
24082150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll
24092150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24102150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24112150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24122150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
24132150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc49840000 LB 0x00025000 C:\WINDOWS\system32\userenv.dll [fFlags=0x0]
24142150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
24152150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49840000 'C:\WINDOWS\system32\userenv.dll'
24162150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
24172150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24182150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bb20000 'C:\WINDOWS\System32\kernel32.dll'
24192150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4b710000 LB 0x000a2000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
24202150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24212150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
24222150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
24232150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
24242150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24252150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24262150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24272150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24282150.ac4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
24292150.ac4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
24302150.ac4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
24312150.ac4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
24322150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24332150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
24342150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
24352150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
24362150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
24372150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
24382150.ac4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
24392150.ac4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
24402150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24412150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24422150.ac4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
24432150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24442150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24452150.ac4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
24462150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24472150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24482150.ac4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
24492150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24502150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24512150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
24522150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
24532150.ac4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
24542150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24552150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24562150.ac4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
24572150.ac4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
24582150.ac4: supR3HardenedDllNotificationCallback: load 00007ffc15820000 LB 0x003b0000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
24592150.ac4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
24602150.ac4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc15820000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
24612150.ac4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
24622150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
24632150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
24642150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
24652150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
24662150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
24672150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
24682150.ac4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
24692150.ac4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
24702150.ac4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
24712150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24722150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24732150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
24742150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
24752150.ac4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
24762150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
24772150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
24782150.ac4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
24792150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
24802150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
24812150.ac4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
24822150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
24832150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
24842150.ac4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
24852150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
24862150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
24872150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
24882150.ac4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
24892150.ac4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
24902150.ac4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
24912150.ac4: supR3HardenedDllNotificationCallback: load 00007ffc1c8f0000 LB 0x000ed000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
24922150.ac4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
24932150.ac4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc1c8f0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
24942150.ac4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
24952150.ac4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
24962150.ac4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4c950000 'C:\Windows\System32\oleaut32.dll'
24972150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bd30000 'C:\WINDOWS\system32\gdi32.dll'
24982150.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
24992150.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
25002150.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
25012150.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
25022150.1460: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
25032150.1460: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
25042150.1460: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25052150.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
25062150.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
25072150.1460: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25082150.1460: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25092150.1460: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25102150.1460: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25112150.1460: supR3HardenedDllNotificationCallback: load 00007ffc41690000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [fFlags=0x0]
25122150.1460: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
25132150.1460: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc41690000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
25142150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
25152150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25162150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
25172150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc4b550000 LB 0x00136000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
25182150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25192150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
25202150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'.
25212150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
25222150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'.
25232150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'.
25242150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
25252150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
25262150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25272150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
25282150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
25292150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
25302150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
25312150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
25322150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
25332150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25342150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
25352150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
25362150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25372150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25382150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
25392150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25402150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25412150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
25422150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
25432150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
25442150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000096c pwszName=\Device\HarddiskVolume3\Windows\System32\DataExchange.dll
25452150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
25462150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
25472150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3632E0380EF7C400BBC7C4B0B9ED8D9F9860503B
25482150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
25492150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
25502150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume3\Windows\System32\DataExchange.dll'
25512150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25522150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25532150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
25542150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'combase.dll'.
25552150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'd3d11.dll'.
25562150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dcomp.dll'.
25572150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll) WinVerifyTrust
25582150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
25592150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
25602150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume3\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
25612150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
25622150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
25632150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
25642150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
25652150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dcomp.dll) WinVerifyTrust
25662150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dcomp.dll
25672150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
25682150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
25692150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
25702150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
25712150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
25722150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
25732150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
25742150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
25752150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
25762150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
25772150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25782150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'dxgi.dll'.
25792150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'.
25802150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d11.dll) WinVerifyTrust
25812150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d11.dll
25822150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
25832150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
25842150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
25852150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
25862150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
25872150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
25882150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25892150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25902150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
25912150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
25922150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll
25932150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
25942150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
25952150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
25962150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
25972150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25982150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
25992150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dxgi.dll) WinVerifyTrust
26002150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dxgi.dll
26012150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26022150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26032150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
26042150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
26052150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
26062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26072150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26082150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
26092150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
26102150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll
26112150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll
26122150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll
26132150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc48600000 LB 0x000eb000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
26142150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll
26152150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc461f0000 LB 0x0025b000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
26162150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll
26172150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc468b0000 LB 0x001db000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
26182150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll
26192150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc23f70000 LB 0x0003a000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
26202150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
26212150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bd30000 'C:\WINDOWS\System32\gdi32.dll'
26222150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc23f70000 'C:\WINDOWS\system32\dataexchange.dll'
26232150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'.
26242150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
26252150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
26262150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'msvcp_win.dll'.
26272150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
26282150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
26292150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26302150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
26312150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rmclient.dll)
26322150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rmclient.dll
26332150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc47d40000 LB 0x00029000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0]
26342150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
26352150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc47910000 LB 0x0025a000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
26362150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
26372150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26382150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26392150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26402150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26412150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
26422150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
26432150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
26442150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
26452150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
26462150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
26472150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26482150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26492150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
26502150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume3\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
26512150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
26522150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
26532150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
26542150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rmclient.dll'
26552150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
26562150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
26572150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26582150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
26592150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll'
26602150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
26612150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26622150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bf00000 'C:\WINDOWS\system32\Shcore.dll'
26632150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
26642150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26652150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4c630000 'C:\WINDOWS\System32\ole32.dll'
26662150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
26672150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26682150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4c950000 'C:\WINDOWS\System32\OLEAUT32.dll'
26692150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a38 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
26702150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
26712150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
26722150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DB1AA7E2E4704C908EC9382E1F9E64808B9E5E1D
26732150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
26742150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
26752150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
26762150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26772150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26782150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
26792150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
26802150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
26812150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
26822150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
26832150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
26842150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a54 pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
26852150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
26862150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
26872150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=22EAF38FA276D7A374D3945ACD556FA0953D3440
26882150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
26892150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
26902150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
26912150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26922150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26932150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'bcrypt.dll'.
26942150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'.
26952150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll) WinVerifyTrust
26962150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
26972150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
26982150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
26992150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
27002150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27012150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27022150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
27032150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
27042150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
27052150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
27062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
27072150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
27082150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27092150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27102150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
27112150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
27122150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
27132150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc36d00000 LB 0x00084000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [fFlags=0x0]
27142150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
27152150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc36670000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
27162150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
27172150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
27182150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
27192150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
27202150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc36670000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
27212150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a20 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
27222150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
27232150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
27242150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=00C864D7F76A7AD25E7D0DA164B0B66188F5B7FF
27252150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
27262150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
27272150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
27282150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27292150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27302150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
27312150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
27322150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
27332150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27342150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27352150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27362150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27372150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
27382150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
27392150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc32010000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
27402150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
27412150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32010000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
27422150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
27432150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
27442150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-localization-l1-2-0.dll'
27452150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
27462150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
27472150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
27482150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a84 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
27492150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
27502150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
27512150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0708A64F48237CD4D5092546CE9C373F20B30CA1
27522150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
27532150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
27542150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
27552150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27562150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27572150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
27582150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
27592150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
27602150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
27612150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
27622150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
27632150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27642150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27652150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
27662150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
27672150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc32030000 LB 0x00101000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
27682150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
27692150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32030000 'C:\WINDOWS\system32\wbem\fastprox.dll'
27702150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009c4 pwszName=\Device\HarddiskVolume3\Windows\System32\amsi.dll
27712150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
27722150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
27732150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B5D4D58A583ACAD5AA76D7DD0F2DB8ADE903942B
27742150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
27752150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
27762150.2c68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume3\Windows\System32\amsi.dll'
27772150.2c68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27782150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27792150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
27802150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'userenv.dll'.
27812150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\amsi.dll) WinVerifyTrust
27822150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\amsi.dll
27832150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
27842150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
27852150.2c68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
27862150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27872150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27882150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27892150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27902150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
27912150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
27922150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc31c20000 LB 0x00015000 C:\WINDOWS\System32\amsi.dll [fFlags=0x0]
27932150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
27942150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc31c20000 'C:\WINDOWS\System32\amsi.dll'
27952150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
27962150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
27972150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
27982150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
27992150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
28002150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.5-0\MpOAV.dll) WinVerifyTrust
28012150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.5-0\MpOAV.dll
28022150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
28032150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
28042150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28052150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
28062150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
28072150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
28082150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.5-0\MpOav.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28092150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.5-0\MpOAV.dll
28102150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc31bd0000 LB 0x00046000 C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.5-0\MpOav.dll [fFlags=0x0]
28112150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2003.5-0\MpOAV.dll
28122150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
28132150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
28142150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-synch-l1-2-0'
28152150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
28162150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
28172150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-fibers-l1-1-1'
28182150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
28192150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
28202150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-synch-l1-2-0'
28212150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
28222150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
28232150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-fibers-l1-1-1'
28242150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
28252150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
28262150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49e60000 'api-ms-win-core-localization-l1-2-1'
28272150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
28282150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28292150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll)
28302150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
28312150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28322150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28332150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\version.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
28342150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll [avoiding WinVerifyTrust]
28352150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc423f0000 LB 0x0000a000 C:\WINDOWS\system32\version.dll [fFlags=0x0]
28362150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll [avoiding WinVerifyTrust]
28372150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc423f0000 'C:\WINDOWS\system32\version.dll'
28382150.2c68: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
28392150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\version.dll' [rescheduled]
28402150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc31bd0000 'C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2003.5-0\MpOav.dll'
28412150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
28422150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
28432150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\version.dll'
28442150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4c7d0000 'C:\WINDOWS\System32\ADVAPI32.dll'
28452150.2610: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
28462150.2610: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28472150.2610: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28482150.2610: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
28492150.2610: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28502150.2610: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28512150.2610: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28522150.2610: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28532150.2610: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28542150.2610: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28552150.2610: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28562150.2610: supR3HardenedDllNotificationCallback: load 00007ffc119a0000 LB 0x0037d000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
28572150.2610: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28582150.2610: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc119a0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
28592150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
28602150.34cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
28612150.34cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28622150.34cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
28632150.34cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
28642150.34cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
28652150.34cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
28662150.34cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
28672150.34cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
28682150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28692150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
28702150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28712150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28722150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
28732150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
28742150.34cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28752150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
28762150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
28772150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28782150.34cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28792150.34cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28802150.34cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
28812150.34cc: supR3HardenedDllNotificationCallback: load 00007ffc3f6a0000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
28822150.34cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
28832150.34cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f6a0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
28842150.450: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
28852150.450: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28862150.450: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
28872150.450: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
28882150.450: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
28892150.450: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
28902150.450: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28912150.450: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28922150.450: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
28932150.450: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
28942150.450: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28952150.450: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28962150.450: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
28972150.450: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28982150.450: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
28992150.450: supR3HardenedDllNotificationCallback: load 00007ffc3edd0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
29002150.450: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
29012150.450: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3edd0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
29022150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
29032150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29042150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\Shell32.dll'
29052150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
29062150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29072150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc119a0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
29082150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
29092150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29102150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29112150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
29122150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
29132150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
29142150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
29152150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29162150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
29172150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
29182150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29192150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
29202150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29212150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29222150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29232150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29242150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29252150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29262150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29272150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29282150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc366d0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
29292150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
29302150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc366d0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
29312150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc366d0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
29322150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
29332150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
29342150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29352150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
29362150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29372150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
29382150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
29392150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
29402150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
29412150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
29422150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
29432150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
29442150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
29452150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
29462150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
29472150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
29482150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
29492150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
29502150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
29512150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
29522150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
29532150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
29542150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
29552150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
29562150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
29572150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
29582150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
29592150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
29602150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
29612150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29622150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
29632150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'cfgmgr32.dll'.
29642150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'bcrypt.dll'.
29652150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll) WinVerifyTrust
29662150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
29672150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
29682150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
29692150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
29702150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
29712150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
29722150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
29732150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
29742150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
29752150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
29762150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
29772150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
29782150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
29792150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29802150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29812150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
29822150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
29832150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
29842150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4b550000 'C:\WINDOWS\System32\MSCTF.dll'
29852150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29862150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
29872150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'.
29882150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'.
29892150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll)
29902150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
29912150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29922150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
29932150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
29942150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
29952150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
29962150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
29972150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29982150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29992150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30002150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30012150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
30022150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
30032150.31c4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll'.
30042150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30052150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll)
30062150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
30072150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
30082150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume3\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
30092150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30102150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
30112150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'.
30122150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
30132150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll
30142150.2c68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
30152150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntmarta.dll)
30162150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntmarta.dll
30172150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
30182150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
30192150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
30202150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
30212150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
30222150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc48960000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
30232150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
30242150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc46a90000 LB 0x000d4000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
30252150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
30262150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc44fa0000 LB 0x00153000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
30272150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
30282150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc3e730000 LB 0x0032a000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
30292150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
30302150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc3e040000 LB 0x0009e000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0]
30312150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
30322150.31c4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll'.
30332150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30342150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
30352150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'.
30362150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
30372150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30382150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30392150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30402150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30412150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
30422150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
30432150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
30442150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
30452150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
30462150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
30472150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30482150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30492150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
30502150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
30512150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
30522150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
30532150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
30542150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
30552150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
30562150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
30572150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
30582150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
30592150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
30602150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
30612150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
30622150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
30632150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30642150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30652150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30662150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30672150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
30682150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30692150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30702150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
30712150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
30722150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
30732150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
30742150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
30752150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30762150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30772150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
30782150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
30792150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
30802150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30812150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30822150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
30832150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
30842150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
30852150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
30862150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
30872150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30882150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30892150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30902150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30912150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30922150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30932150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30942150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
30952150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
30962150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
30972150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
30982150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc4bfb0000 LB 0x00470000 C:\WINDOWS\System32\SETUPAPI.dll [fFlags=0x0]
30992150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
31002150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc2de50000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
31012150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
31022150.31c4: supR3HardenedDllNotificationCallback: load 00007ffbf6460000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
31032150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
31042150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc48ea0000 LB 0x0003a000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
31052150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
31062150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc0a9a0000 LB 0x009e1000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
31072150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
31082150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc0a9a0000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
31092150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31102150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
31112150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'
31122150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31132150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
31142150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ntmarta.dll'
31152150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31162150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
31172150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll'
31182150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31192150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
31202150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll'
31212150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31222150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
31232150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll'
31242150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31252150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
31262150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31272150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
31282150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc366d0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
31292150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
31302150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc366d0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
31312150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31322150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
31332150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31342150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc15820000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
31352150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31362150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
31372150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31382150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbf6460000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
31392150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31402150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31412150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31422150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31432150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
31442150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
31452150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31462150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31472150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31482150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31492150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31502150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
31512150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc3ed90000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
31522150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
31532150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3ed90000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
31542150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31552150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31562150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31572150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31582150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
31592150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
31602150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31612150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31622150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31632150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31642150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31652150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
31662150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc367e0000 LB 0x00012000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
31672150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
31682150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc367e0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
31692150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31702150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31712150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31722150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31732150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
31742150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31752150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31762150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31772150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31782150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31792150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31802150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31812150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc367c0000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
31822150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
31832150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc367c0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
31842150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31852150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
31862150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31872150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
31882150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
31892150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31902150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31912150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31922150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31932150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31942150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31952150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31962150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc36770000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
31972150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
31982150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc36770000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
31992150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
32002150.18e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
32012150.18e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32022150.18e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
32032150.18e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
32042150.18e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
32052150.18e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
32062150.18e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32072150.18e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32082150.18e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
32092150.18e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
32102150.18e8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
32112150.18e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32122150.18e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32132150.18e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32142150.18e8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
32152150.18e8: supR3HardenedDllNotificationCallback: load 00007ffc34780000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
32162150.18e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
32172150.18e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc34780000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
32182150.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
32192150.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32202150.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
32212150.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
32222150.fdc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
32232150.fdc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
32242150.fdc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
32252150.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32262150.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32272150.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
32282150.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
32292150.fdc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
32302150.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
32312150.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
32322150.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32332150.fdc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32342150.fdc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32352150.fdc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
32362150.fdc: supR3HardenedDllNotificationCallback: load 00007ffc3ed80000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
32372150.fdc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
32382150.fdc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3ed80000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
32392150.2720: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
32402150.2720: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32412150.2720: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
32422150.2720: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
32432150.2720: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
32442150.2720: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
32452150.2720: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32462150.2720: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32472150.2720: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
32482150.2720: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
32492150.2720: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32502150.2720: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32512150.2720: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32522150.2720: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
32532150.2720: supR3HardenedDllNotificationCallback: load 00007ffc368d0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
32542150.2720: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
32552150.2720: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc368d0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
32562150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
32572150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
32582150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32592150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
32602150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
32612150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
32622150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32632150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32642150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32652150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32662150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32672150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
32682150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc445c0000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
32692150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
32702150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc445c0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
32712150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
32722150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32732150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48ea0000 'C:\WINDOWS\system32\Iphlpapi.dll'
32742150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
32752150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
32762150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll)
32772150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll
32782150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc4b4a0000 LB 0x00008000 C:\WINDOWS\System32\NSI.dll [fFlags=0x0]
32792150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
32802150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
32812150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc42d20000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\WINNSI.DLL [fFlags=0x0]
32822150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
32832150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
32842150.31c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll)
32852150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
32862150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc42590000 LB 0x00016000 C:\WINDOWS\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
32872150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
32882150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
32892150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
32902150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
32912150.31c4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll)
32922150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
32932150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc42570000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
32942150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
32952150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ws2_32.dll'.
32962150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'nsi.dll'.
32972150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dnsapi.dll)
32982150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dnsapi.dll
32992150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc48ee0000 LB 0x000ca000 C:\WINDOWS\SYSTEM32\DNSAPI.dll [fFlags=0x0]
33002150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dnsapi.dll [avoiding WinVerifyTrust]
33012150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
33022150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
33032150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
33042150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
33052150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
33062150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
33072150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
33082150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
33092150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
33102150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
33112150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
33122150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
33132150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33142150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33152150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33162150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33172150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
33182150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
33192150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll [lacks WinVerifyTrust]
33202150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33212150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33222150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
33232150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
33242150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dnsapi.dll'
33252150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e34 pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
33262150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
33272150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
33282150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=ABBE12EE7925737522BCF905613B49C6CAA0BE8C
33292150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
33302150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
33312150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.719.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
33322150.31c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33332150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
33342150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e38 pwszName=\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
33352150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
33362150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
33372150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62657CFC96994F71846A6491CB0A48C51E4DCEBA
33382150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
33392150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
33402150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.719.cat'; file='\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
33412150.31c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33422150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
33432150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
33442150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
33452150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
33462150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
33472150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
33482150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winnsi.dll'
33492150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
33502150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
33512150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
33522150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
33532150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'.
33542150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) WinVerifyTrust
33552150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
33562150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
33572150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
33582150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
33592150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
33602150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
33612150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) WinVerifyTrust
33622150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
33632150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
33642150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
33652150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
33662150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
33672150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
33682150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
33692150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
33702150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
33712150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
33722150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
33732150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
33742150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc49720000 LB 0x0002a000 C:\WINDOWS\System32\DEVOBJ.dll [fFlags=0x0]
33752150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
33762150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc41f30000 LB 0x00072000 C:\WINDOWS\System32\MMDevApi.dll [fFlags=0x0]
33772150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
33782150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc41f30000 'C:\WINDOWS\System32\MMDevApi.dll'
33792150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ee4 pwszName=\Device\HarddiskVolume3\Windows\System32\dsound.dll
33802150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
33812150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
33822150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8184043CF3F3DF1E3CF96E74DBBF7D0836417373
33832150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
33842150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33852150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
33862150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
33872150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume3\Windows\System32\dsound.dll'
33882150.31c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
33892150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
33902150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'winmm.dll'.
33912150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dsound.dll) WinVerifyTrust
33922150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dsound.dll
33932150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
33942150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
33952150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
33962150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
33972150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
33982150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
33992150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
34002150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc11840000 LB 0x00099000 C:\WINDOWS\System32\dsound.dll [fFlags=0x0]
34012150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
34022150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
34032150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34042150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc11840000 'C:\WINDOWS\System32\dsound.dll'
34052150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc11840000 'C:\WINDOWS\System32\dsound.dll'
34062150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
34072150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34082150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc11840000 'C:\WINDOWS\system32\dsound.dll'
34092150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
34102150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34112150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc41f30000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
34122150.7d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
34132150.7d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
34142150.7d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
34152150.7d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
34162150.7d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
34172150.7d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'.
34182150.7d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll) WinVerifyTrust
34192150.7d8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
34202150.7d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
34212150.7d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
34222150.7d8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
34232150.7d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
34242150.7d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
34252150.7d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34262150.7d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34272150.7d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
34282150.7d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
34292150.7d8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
34302150.7d8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34312150.7d8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
34322150.7d8: supR3HardenedDllNotificationCallback: load 00007ffc420c0000 LB 0x0015d000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
34332150.7d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
34342150.7d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc420c0000 'C:\WINDOWS\System32\AUDIOSES.DLL'
34352150.7d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34362150.7d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
34372150.7d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll)
34382150.7d8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll
34392150.7d8: supR3HardenedDllNotificationCallback: load 00007ffc47b70000 LB 0x00014000 C:\WINDOWS\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
34402150.7d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
34412150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34422150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34432150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
34442150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34452150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
34462150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
34472150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
34482150.31c4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ResourcePolicyClient.dll'
34492150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
34502150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
34512150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
34522150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f34 pwszName=\Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34532150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
34542150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
34552150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=38EA8D6D625C6A0A9075DAE17FD33652FF8FC23A
34562150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
34572150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
34582150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume3\Windows\System32\wdmaud.drv'
34592150.31c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
34602150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34612150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
34622150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'ksuser.dll'.
34632150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'avrt.dll'.
34642150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv) WinVerifyTrust
34652150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34662150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
34672150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
34682150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
34692150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
34702150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll) WinVerifyTrust
34712150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll
34722150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
34732150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
34742150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
34752150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
34762150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34772150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll) WinVerifyTrust
34782150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll
34792150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
34802150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
34812150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
34822150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34832150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
34842150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
34852150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34862150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
34872150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
34882150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34892150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll
34902150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
34912150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc44b50000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
34922150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll
34932150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc446e0000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
34942150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll
34952150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc32a50000 LB 0x00044000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
34962150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34972150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32a50000 'C:\WINDOWS\System32\wdmaud.drv'
34982150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
34992150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35002150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32a50000 'C:\WINDOWS\System32\wdmaud.drv'
35012150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
35022150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35032150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32a50000 'C:\WINDOWS\System32\wdmaud.drv'
35042150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
35052150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35062150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32a50000 'C:\WINDOWS\System32\wdmaud.drv'
35072150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
35082150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35092150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32a50000 'C:\WINDOWS\System32\wdmaud.drv'
35102150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
35112150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35122150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32a50000 'C:\WINDOWS\System32\wdmaud.drv'
35132150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
35142150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35152150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32a50000 'C:\WINDOWS\System32\wdmaud.drv'
35162150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc32a50000 'C:\WINDOWS\System32\wdmaud.drv'
35172150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f48 pwszName=\Device\HarddiskVolume3\Windows\System32\msacm32.drv
35182150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
35192150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
35202150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=763C5E89A8DA653902990733D245B99CC7C40BEA
35212150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
35222150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
35232150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume3\Windows\System32\msacm32.drv'
35242150.31c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35252150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35262150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
35272150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
35282150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmmbase.dll'.
35292150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv) WinVerifyTrust
35302150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35312150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
35322150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
35332150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
35342150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
35352150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
35362150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
35372150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
35382150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35392150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll) WinVerifyTrust
35402150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll
35412150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
35422150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
35432150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
35442150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35452150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35462150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35472150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35482150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35492150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35502150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll
35512150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc32a30000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
35522150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll
35532150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc447e0000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
35542150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35552150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35562150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35572150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35582150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35592150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35602150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35612150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35622150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35632150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35642150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35652150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35662150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35672150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35682150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35692150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35702150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35712150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv
35722150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35732150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35742150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35752150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35762150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc447e0000 'C:\WINDOWS\System32\msacm32.drv'
35772150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fe8 pwszName=\Device\HarddiskVolume3\Windows\System32\midimap.dll
35782150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000cba3b0
35792150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000cba3b0
35802150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB34EC166C3F780657AB67E557E6C2E60C398D10
35812150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
35822150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
35832150.31c4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.657.cat'; file='\Device\HarddiskVolume3\Windows\System32\midimap.dll'
35842150.31c4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35852150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35862150.31c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'.
35872150.31c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\midimap.dll) WinVerifyTrust
35882150.31c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll
35892150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
35902150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
35912150.31c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
35922150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35932150.31c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35942150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
35952150.31c4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
35962150.31c4: supR3HardenedDllNotificationCallback: load 00007ffc43c00000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
35972150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
35982150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc43c00000 'C:\WINDOWS\System32\midimap.dll'
35992150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
36002150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36012150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc43c00000 'C:\WINDOWS\System32\midimap.dll'
36022150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
36032150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36042150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc43c00000 'C:\WINDOWS\System32\midimap.dll'
36052150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\midimap.dll
36062150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
36072150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc43c00000 'C:\WINDOWS\System32\midimap.dll'
36082150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36092150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36102150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36112150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36122150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36132150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36142150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36152150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
36162150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36172150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36182150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36192150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36202150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36212150.31c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dsound.dll
36222150.31c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36232150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc11840000 'C:\WINDOWS\system32\dsound.dll'
36242150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36252150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36262150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36272150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36282150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36292150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc3f1c0000 'C:\WINDOWS\System32\winmm.dll'
36302150.31c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
36312150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
36322150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36332150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bd60000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
36342150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
36352150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36362150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4bd60000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
36372150.2c68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
36382150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36392150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4b7e0000 'api-ms-win-core-com-l1-1-0.dll'
36402150.2c68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
36412150.2c68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\iertutil.dll)
36422150.2c68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\iertutil.dll
36432150.2c68: supR3HardenedDllNotificationCallback: load 00007ffc3c310000 LB 0x002a6000 C:\WINDOWS\System32\iertutil.dll [fFlags=0x0]
36442150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\iertutil.dll [avoiding WinVerifyTrust]
36452150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36462150.2c68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
36472150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48d00000 'C:\WINDOWS\system32\rsaenh.dll'
36482150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
36492150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36502150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4a310000 'C:\WINDOWS\System32\WINTRUST.DLL'
36512150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\CRYPT32.dll'
36522150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc49cc0000 'C:\WINDOWS\System32\crypt32.dll'
36532150.2c68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\iertutil.dll'
36542150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36552150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36562150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36572150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36582150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36592150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36602150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36612150.2c68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
36622150.2c68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36632150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36642150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36652150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36662150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36672150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36682150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36692150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36702150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36712150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36722150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36732150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36742150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36752150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36762150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36772150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36782150.2c68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc4ab70000 'C:\WINDOWS\system32\shell32.dll'
36792150.2fbc: '\Device\HarddiskVolume3\Windows\System32\tzres.dll' has no imports
36802150.2fbc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\tzres.dll)
36812150.2fbc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\tzres.dll
36822150.2fbc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001064 (hFile=0000000000000ae8) with 0xc0000022 -> STATUS_TRUST_FAILURE
36832150.2fbc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\tzres.dll [avoiding WinVerifyTrust]
36842150.2fbc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000ae8 (hFile=0000000000001064) with 0xc0000022 -> STATUS_TRUST_FAILURE
36852150.2720: supR3HardenedDllNotificationCallback: Unload 00007ffc368d0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
36862150.fdc: supR3HardenedDllNotificationCallback: Unload 00007ffc3ed80000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
36872150.18e8: supR3HardenedDllNotificationCallback: Unload 00007ffc34780000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
36882150.450: supR3HardenedDllNotificationCallback: Unload 00007ffc3edd0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
36892150.34cc: supR3HardenedDllNotificationCallback: Unload 00007ffc3f6a0000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
36902150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc36770000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [flags=0x0]
36912150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc367c0000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [flags=0x0]
36922150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc367e0000 LB 0x00012000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [flags=0x0]
36932150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc3ed90000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [flags=0x0]
36942150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc366d0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
36952150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc0a9a0000 LB 0x009e1000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [flags=0x0]
36962150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc2de50000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [flags=0x0]
36972150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffbf6460000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [flags=0x0]
36982150.31c4: supR3HardenedDllNotificationCallback: Unload 00007ffc4bfb0000 LB 0x00470000 C:\WINDOWS\System32\SETUPAPI.dll [flags=0x0]
36992150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc41690000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [flags=0x0]
37002150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc32010000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [flags=0x0]
37012150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc23f70000 LB 0x0003a000 C:\WINDOWS\system32\dataexchange.dll [flags=0x0]
37022150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc461f0000 LB 0x0025b000 C:\WINDOWS\system32\d3d11.dll [flags=0x0]
37032150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc48600000 LB 0x000eb000 C:\WINDOWS\system32\dxgi.dll [flags=0x0]
37042150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc468b0000 LB 0x001db000 C:\WINDOWS\system32\dcomp.dll [flags=0x0]
37052150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc47910000 LB 0x0025a000 C:\WINDOWS\system32\twinapi.appcore.dll [flags=0x0]
37062150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc47d40000 LB 0x00029000 C:\WINDOWS\system32\RMCLIENT.dll [flags=0x0]
37072150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc32030000 LB 0x00101000 C:\WINDOWS\system32\wbem\fastprox.dll [flags=0x0]
37082150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc1c8f0000 LB 0x000ed000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [flags=0x0]
37092150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc36670000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [flags=0x0]
37102150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc36d00000 LB 0x00084000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [flags=0x0]
37112150.2c68: supR3HardenedDllNotificationCallback: Unload 00007ffc15820000 LB 0x003b0000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0]
37122150.2c68: Terminating the normal way: rcExit=0
371333b8.15d4: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 665503 ms, the end);
371410f8.3158: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 665969 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy