VirtualBox

Ticket #19705: VBoxHardening.log

File VBoxHardening.log, 225.9 KB (added by n3wkid2019, 4 years ago)
Line 
113cc.c74: Log file opened: 6.1.10r138449 g_hStartupLog=0000000000000014 g_uNtVerCombined=0x611db110
213cc.c74: \SystemRoot\System32\ntdll.dll:
313cc.c74: CreationTime: 2010-11-21T03:23:51.351694200Z
413cc.c74: LastWriteTime: 2010-11-21T03:23:51.367294200Z
513cc.c74: ChangeTime: 2020-06-28T00:33:12.954124600Z
613cc.c74: FileAttributes: 0x20
713cc.c74: Size: 0x1a6d60
813cc.c74: NT Headers: 0xe0
913cc.c74: Timestamp: 0x4ce7c8f9
1013cc.c74: Machine: 0x8664 - amd64
1113cc.c74: Timestamp: 0x4ce7c8f9
1213cc.c74: Image Version: 6.1
1313cc.c74: SizeOfImage: 0x1a9000 (1740800)
1413cc.c74: Resource Dir: 0x151000 LB 0x560d8
1513cc.c74: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1613cc.c74: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1713cc.c74: ProductName: Microsoft® Windows® Operating System
1813cc.c74: ProductVersion: 6.1.7601.17514
1913cc.c74: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
2013cc.c74: FileDescription: NT Layer DLL
2113cc.c74: \SystemRoot\System32\kernel32.dll:
2213cc.c74: CreationTime: 2020-06-29T07:05:55.386627700Z
2313cc.c74: LastWriteTime: 2011-05-14T07:20:00.106000000Z
2413cc.c74: ChangeTime: 2020-06-29T07:06:45.519519800Z
2513cc.c74: FileAttributes: 0x20
2613cc.c74: Size: 0x11be00
2713cc.c74: NT Headers: 0xe8
2813cc.c74: Timestamp: 0x4dce2b0d
2913cc.c74: Machine: 0x8664 - amd64
3013cc.c74: Timestamp: 0x4dce2b0d
3113cc.c74: Image Version: 6.1
3213cc.c74: SizeOfImage: 0x11f000 (1175552)
3313cc.c74: Resource Dir: 0x116000 LB 0x528
3413cc.c74: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3513cc.c74: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3613cc.c74: ProductName: Microsoft® Windows® Operating System
3713cc.c74: ProductVersion: 6.1.7601.17617
3813cc.c74: FileVersion: 6.1.7601.17617 (win7sp1_gdr.110513-1659)
3913cc.c74: FileDescription: Windows NT BASE API Client DLL
4013cc.c74: \SystemRoot\System32\KernelBase.dll:
4113cc.c74: CreationTime: 2020-06-29T07:05:55.916628400Z
4213cc.c74: LastWriteTime: 2011-05-14T07:20:00.247000000Z
4313cc.c74: ChangeTime: 2020-06-29T07:06:45.519519800Z
4413cc.c74: FileAttributes: 0x20
4513cc.c74: Size: 0x67000
4613cc.c74: NT Headers: 0xe8
4713cc.c74: Timestamp: 0x4dce2b0e
4813cc.c74: Machine: 0x8664 - amd64
4913cc.c74: Timestamp: 0x4dce2b0e
5013cc.c74: Image Version: 6.1
5113cc.c74: SizeOfImage: 0x6c000 (442368)
5213cc.c74: Resource Dir: 0x6a000 LB 0x530
5313cc.c74: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5413cc.c74: [Raw version resource data: 0x6a0b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
5513cc.c74: ProductName: Microsoft® Windows® Operating System
5613cc.c74: ProductVersion: 6.1.7601.17617
5713cc.c74: FileVersion: 6.1.7601.17617 (win7sp1_gdr.110513-1659)
5813cc.c74: FileDescription: Windows NT BASE API Client DLL
5913cc.c74: \SystemRoot\System32\apisetschema.dll:
6013cc.c74: CreationTime: 2020-06-29T08:41:18.865836100Z
6113cc.c74: LastWriteTime: 2015-02-03T03:28:14.008000000Z
6213cc.c74: ChangeTime: 2020-06-29T10:26:19.937919000Z
6313cc.c74: FileAttributes: 0x20
6413cc.c74: Size: 0x1a00
6513cc.c74: NT Headers: 0xc0
6613cc.c74: Timestamp: 0x54d04096
6713cc.c74: Machine: 0x8664 - amd64
6813cc.c74: Timestamp: 0x54d04096
6913cc.c74: Image Version: 6.1
7013cc.c74: SizeOfImage: 0x50000 (327680)
7113cc.c74: Resource Dir: 0x30000 LB 0x3f8
7213cc.c74: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7313cc.c74: [Raw version resource data: 0x30060 LB 0x398, codepage 0x0 (reserved 0x0)]
7413cc.c74: ProductName: Microsoft® Windows® Operating System
7513cc.c74: ProductVersion: 6.1.7601.18741
7613cc.c74: FileVersion: 6.1.7601.18741 (win7sp1_gdr.150202-1526)
7713cc.c74: FileDescription: ApiSet Schema DLL
7813cc.c74: supR3HardenedWinFindAdversaries: 0x0
7913cc.c74: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
8013cc.c74: Calling main()
8113cc.c74: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
8213cc.c74: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
8313cc.c74: SUPR3HardenedMain: Respawn #1
8413cc.c74: System32: \Device\HarddiskVolume2\Windows\System32
8513cc.c74: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
8613cc.c74: KnownDllPath: C:\Windows\system32
8713cc.c74: supR3HardenedWinInit: Performing a limited self purification...
8813cc.c74: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
8913cc.c74: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
9013cc.c74: *0000000000010000-000000000001ffff 0x0004/0x0004 0x0040000
9113cc.c74: 0000000000020000-000000000002ffff 0x0001/0x0000 0x0000000
9213cc.c74: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
9313cc.c74: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
9413cc.c74: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
9513cc.c74: 0000000000041000-000000000004ffff 0x0001/0x0000 0x0000000
9613cc.c74: *0000000000050000-0000000000050fff 0x0004/0x0004 0x0020000
9713cc.c74: 0000000000051000-000000000007ffff 0x0001/0x0000 0x0000000
9813cc.c74: *0000000000080000-0000000000087fff 0x0004/0x0004 0x0020000
9913cc.c74: 0000000000088000-000000000017ffff 0x0000/0x0004 0x0020000
10013cc.c74: 0000000000180000-00000000001bffff 0x0001/0x0000 0x0000000
10113cc.c74: *00000000001c0000-0000000000279fff 0x0000/0x0004 0x0020000
10213cc.c74: 000000000027a000-000000000027bfff 0x0104/0x0004 0x0020000
10313cc.c74: 000000000027c000-00000000002bffff 0x0004/0x0004 0x0020000
10413cc.c74: *00000000002c0000-0000000000326fff 0x0002/0x0002 0x0040000
10513cc.c74: 0000000000327000-00000000004cffff 0x0001/0x0000 0x0000000
10613cc.c74: *00000000004d0000-0000000000533fff 0x0004/0x0004 0x0020000
10713cc.c74: 0000000000534000-000000000054ffff 0x0000/0x0004 0x0020000
10813cc.c74: *0000000000550000-00000000006f9fff 0x0004/0x0004 0x0020000
10913cc.c74: 00000000006fa000-000000007723ffff 0x0001/0x0000 0x0000000
11013cc.c74: *0000000077240000-0000000077240fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
11113cc.c74: 0000000077241000-00000000772dbfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
11213cc.c74: 00000000772dc000-0000000077349fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
11313cc.c74: 000000007734a000-000000007734bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
11413cc.c74: 000000007734c000-000000007735efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
11513cc.c74: 000000007735f000-000000007735ffff 0x0001/0x0000 0x0000000
11613cc.c74: *0000000077360000-0000000077360fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11713cc.c74: 0000000077361000-0000000077462fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11813cc.c74: 0000000077463000-0000000077491fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
11913cc.c74: 0000000077492000-0000000077492fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12013cc.c74: 0000000077493000-0000000077493fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12113cc.c74: 0000000077494000-0000000077494fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12213cc.c74: 0000000077495000-0000000077496fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12313cc.c74: 0000000077497000-0000000077497fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12413cc.c74: 0000000077498000-0000000077498fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12513cc.c74: 0000000077499000-000000007749afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12613cc.c74: 000000007749b000-000000007749cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12713cc.c74: 000000007749d000-000000007749dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12813cc.c74: 000000007749e000-0000000077508fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
12913cc.c74: 0000000077509000-000000007efdffff 0x0001/0x0000 0x0000000
13013cc.c74: *000000007efe0000-000000007efe4fff 0x0002/0x0002 0x0040000
13113cc.c74: 000000007efe5000-000000007f0dffff 0x0000/0x0002 0x0040000
13213cc.c74: *000000007f0e0000-000000007ffdffff 0x0000/0x0002 0x0020000
13313cc.c74: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
13413cc.c74: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
13513cc.c74: 000000007fff0000-000000013f93ffff 0x0001/0x0000 0x0000000
13613cc.c74: *000000013f940000-000000013f940fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13713cc.c74: 000000013f941000-000000013f9b6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13813cc.c74: 000000013f9b7000-000000013f9b7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
13913cc.c74: 000000013f9b8000-000000013f9fffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14013cc.c74: 000000013fa00000-000000013fa02fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14113cc.c74: 000000013fa03000-000000013fa05fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14213cc.c74: 000000013fa06000-000000013fa08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14313cc.c74: 000000013fa09000-000000013fa09fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14413cc.c74: 000000013fa0a000-000000013fa0bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14513cc.c74: 000000013fa0c000-000000013fa0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14613cc.c74: 000000013fa0d000-000000013fa55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14713cc.c74: 000000013fa56000-000007fefd56ffff 0x0001/0x0000 0x0000000
14813cc.c74: *000007fefd570000-000007fefd570fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
14913cc.c74: 000007fefd571000-000007fefd5bafff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
15013cc.c74: 000007fefd5bb000-000007fefd5d0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
15113cc.c74: 000007fefd5d1000-000007fefd5d2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
15213cc.c74: 000007fefd5d3000-000007fefd5dbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
15313cc.c74: 000007fefd5dc000-000007feff67ffff 0x0001/0x0000 0x0000000
15413cc.c74: *000007feff680000-000007feff680fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
15513cc.c74: 000007feff681000-000007fffffaffff 0x0001/0x0000 0x0000000
15613cc.c74: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
15713cc.c74: 000007fffffd3000-000007fffffd8fff 0x0001/0x0000 0x0000000
15813cc.c74: *000007fffffd9000-000007fffffd9fff 0x0004/0x0004 0x0020000
15913cc.c74: 000007fffffda000-000007fffffddfff 0x0001/0x0000 0x0000000
16013cc.c74: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
16113cc.c74: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
16213cc.c74: apisetschema.dll: timestamp 0x54d04096 (rc=VINF_SUCCESS)
16313cc.c74: kernelbase.dll: timestamp 0x4dce2b0e (rc=VINF_SUCCESS)
16413cc.c74: VirtualBoxVM.exe: timestamp 0x5ed9201b (rc=VINF_SUCCESS)
16513cc.c74: kernel32.dll: timestamp 0x4dce2b0d (rc=VINF_SUCCESS)
16613cc.c74: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
16713cc.c74: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
16813cc.c74: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
16913cc.c74: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
17013cc.c74: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
17113cc.c74: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
17213cc.c74: supR3HardNtEnableThreadCreationEx:
17313cc.c74: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007738c320 pvNtTerminateThread=00000000773b1840
17413cc.c74: supR3HardenedWinDoReSpawn(1): New child f04.11ac [kernel32].
17513cc.c74: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdd000 cbPeb=0x380
17613cc.c74: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077360000 uNtDllChildAddr=0000000077360000
17713cc.c74: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007738c320
17813cc.c74: supR3HardenedWinSetupChildInit: Initial context:
179 rax=0000000000000000 rbx=0000000000000000 rcx=000000013f947900 rdx=000007fffffdd000
180 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
181 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
182 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
183 rip=000000007738c500 rsp=00000000002eff38 rbp=0000000000000000 ctxflags=0010001b
184 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
185 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
186 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
187 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
188 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
18913cc.c74: supR3HardenedWinSetupChildInit: Start child.
19013cc.c74: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 10 ms.
19113cc.c74: supR3HardNtChildPurify: Startup delay kludge #1/0: 260 ms, 26 sleeps
19213cc.c74: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
19313cc.c74: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
19413cc.c74: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
19513cc.c74: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
19613cc.c74: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
19713cc.c74: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
19813cc.c74: 0000000000041000-000000000004ffff 0x0001/0x0000 0x0000000
19913cc.c74: *0000000000050000-0000000000050fff 0x0004/0x0004 0x0020000
20013cc.c74: 0000000000051000-00000000001effff 0x0001/0x0000 0x0000000
20113cc.c74: *00000000001f0000-00000000002ebfff 0x0000/0x0004 0x0020000
20213cc.c74: 00000000002ec000-00000000002edfff 0x0104/0x0004 0x0020000
20313cc.c74: 00000000002ee000-00000000002effff 0x0004/0x0004 0x0020000
20413cc.c74: 00000000002f0000-000000007735ffff 0x0001/0x0000 0x0000000
20513cc.c74: *0000000077360000-0000000077360fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
20613cc.c74: 0000000077361000-0000000077462fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
20713cc.c74: 0000000077463000-0000000077491fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
20813cc.c74: 0000000077492000-000000007749dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
20913cc.c74: 000000007749e000-0000000077508fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
21013cc.c74: 0000000077509000-000000007efdffff 0x0001/0x0000 0x0000000
21113cc.c74: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
21213cc.c74: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
21313cc.c74: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
21413cc.c74: 000000007fff0000-000000013f93ffff 0x0001/0x0000 0x0000000
21513cc.c74: *000000013f940000-000000013f940fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
21613cc.c74: 000000013f941000-000000013f9b6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
21713cc.c74: 000000013f9b7000-000000013f9b7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
21813cc.c74: 000000013f9b8000-000000013f9fffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
21913cc.c74: 000000013fa00000-000000013fa00fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22013cc.c74: 000000013fa01000-000000013fa01fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22113cc.c74: 000000013fa02000-000000013fa06fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22213cc.c74: 000000013fa07000-000000013fa07fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22313cc.c74: 000000013fa08000-000000013fa08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22413cc.c74: 000000013fa09000-000000013fa0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22513cc.c74: 000000013fa0d000-000000013fa55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
22613cc.c74: 000000013fa56000-000007feff67ffff 0x0001/0x0000 0x0000000
22713cc.c74: *000007feff680000-000007feff680fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
22813cc.c74: 000007feff681000-000007fffffaffff 0x0001/0x0000 0x0000000
22913cc.c74: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
23013cc.c74: 000007fffffd3000-000007fffffdcfff 0x0001/0x0000 0x0000000
23113cc.c74: *000007fffffdd000-000007fffffddfff 0x0004/0x0004 0x0020000
23213cc.c74: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
23313cc.c74: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
23413cc.c74: supR3HardNtChildPurify: Done after 260 ms and 0 fixes (loop #0).
235f04.11ac: Log file opened: 6.1.10r138449 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
236f04.11ac: supR3HardenedVmProcessInit: uNtDllAddr=0000000077360000 g_uNtVerCombined=0x611db100 (stack ~00000000002ef9e8)
237f04.11ac: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)
238f04.11ac: New simple heap: #1 00000000002f0000 LB 0x400000 (for 1740800 allocation)
23913cc.c74: supR3HardNtEnableThreadCreationEx:
240f04.11ac: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
241f04.11ac: System32: \Device\HarddiskVolume2\Windows\System32
242f04.11ac: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
243f04.11ac: KnownDllPath: C:\Windows\system32
244f04.11ac: supR3HardenedVmProcessInit: Opening vboxdrv stub...
245f04.11ac: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
246f04.11ac: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
247f04.11ac: Registered Dll notification callback with NTDLL.
248f04.11ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
249f04.11ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
250f04.11ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
251f04.11ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
252f04.11ac: supR3HardenedDllNotificationCallback: load 0000000077240000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
253f04.11ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
254f04.11ac: supR3HardenedDllNotificationCallback: load 000007fefd570000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
255f04.11ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
256f04.11ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
257f04.11ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077240000 'C:\Windows\system32\kernel32.dll'
258f04.11ac: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007738c320 pvNtTerminateThread=00000000773b1840
25913cc.c74: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 40 ms.
260f04.11ac: \SystemRoot\System32\ntdll.dll:
261f04.11ac: CreationTime: 2010-11-21T03:23:51.351694200Z
262f04.11ac: LastWriteTime: 2010-11-21T03:23:51.367294200Z
263f04.11ac: ChangeTime: 2020-06-28T00:33:12.954124600Z
264f04.11ac: FileAttributes: 0x20
265f04.11ac: Size: 0x1a6d60
266f04.11ac: NT Headers: 0xe0
267f04.11ac: Timestamp: 0x4ce7c8f9
268f04.11ac: Machine: 0x8664 - amd64
269f04.11ac: Timestamp: 0x4ce7c8f9
270f04.11ac: Image Version: 6.1
271f04.11ac: SizeOfImage: 0x1a9000 (1740800)
272f04.11ac: Resource Dir: 0x151000 LB 0x560d8
273f04.11ac: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
274f04.11ac: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]
275f04.11ac: ProductName: Microsoft® Windows® Operating System
276f04.11ac: ProductVersion: 6.1.7601.17514
277f04.11ac: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
278f04.11ac: FileDescription: NT Layer DLL
279f04.11ac: \SystemRoot\System32\kernel32.dll:
280f04.11ac: CreationTime: 2020-06-29T07:05:55.386627700Z
281f04.11ac: LastWriteTime: 2011-05-14T07:20:00.106000000Z
282f04.11ac: ChangeTime: 2020-06-29T07:06:45.519519800Z
283f04.11ac: FileAttributes: 0x20
284f04.11ac: Size: 0x11be00
285f04.11ac: NT Headers: 0xe8
286f04.11ac: Timestamp: 0x4dce2b0d
287f04.11ac: Machine: 0x8664 - amd64
288f04.11ac: Timestamp: 0x4dce2b0d
289f04.11ac: Image Version: 6.1
290f04.11ac: SizeOfImage: 0x11f000 (1175552)
291f04.11ac: Resource Dir: 0x116000 LB 0x528
292f04.11ac: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
293f04.11ac: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
294f04.11ac: ProductName: Microsoft® Windows® Operating System
295f04.11ac: ProductVersion: 6.1.7601.17617
296f04.11ac: FileVersion: 6.1.7601.17617 (win7sp1_gdr.110513-1659)
297f04.11ac: FileDescription: Windows NT BASE API Client DLL
298f04.11ac: \SystemRoot\System32\KernelBase.dll:
299f04.11ac: CreationTime: 2020-06-29T07:05:55.916628400Z
300f04.11ac: LastWriteTime: 2011-05-14T07:20:00.247000000Z
301f04.11ac: ChangeTime: 2020-06-29T07:06:45.519519800Z
302f04.11ac: FileAttributes: 0x20
303f04.11ac: Size: 0x67000
304f04.11ac: NT Headers: 0xe8
305f04.11ac: Timestamp: 0x4dce2b0e
306f04.11ac: Machine: 0x8664 - amd64
307f04.11ac: Timestamp: 0x4dce2b0e
308f04.11ac: Image Version: 6.1
309f04.11ac: SizeOfImage: 0x6c000 (442368)
310f04.11ac: Resource Dir: 0x6a000 LB 0x530
311f04.11ac: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
312f04.11ac: [Raw version resource data: 0x6a0b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
313f04.11ac: ProductName: Microsoft® Windows® Operating System
314f04.11ac: ProductVersion: 6.1.7601.17617
315f04.11ac: FileVersion: 6.1.7601.17617 (win7sp1_gdr.110513-1659)
316f04.11ac: FileDescription: Windows NT BASE API Client DLL
317f04.11ac: \SystemRoot\System32\apisetschema.dll:
318f04.11ac: CreationTime: 2020-06-29T08:41:18.865836100Z
319f04.11ac: LastWriteTime: 2015-02-03T03:28:14.008000000Z
320f04.11ac: ChangeTime: 2020-06-29T10:26:19.937919000Z
321f04.11ac: FileAttributes: 0x20
322f04.11ac: Size: 0x1a00
323f04.11ac: NT Headers: 0xc0
324f04.11ac: Timestamp: 0x54d04096
325f04.11ac: Machine: 0x8664 - amd64
326f04.11ac: Timestamp: 0x54d04096
327f04.11ac: Image Version: 6.1
328f04.11ac: SizeOfImage: 0x50000 (327680)
329f04.11ac: Resource Dir: 0x30000 LB 0x3f8
330f04.11ac: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
331f04.11ac: [Raw version resource data: 0x30060 LB 0x398, codepage 0x0 (reserved 0x0)]
332f04.11ac: ProductName: Microsoft® Windows® Operating System
333f04.11ac: ProductVersion: 6.1.7601.18741
334f04.11ac: FileVersion: 6.1.7601.18741 (win7sp1_gdr.150202-1526)
335f04.11ac: FileDescription: ApiSet Schema DLL
336f04.11ac: supR3HardenedWinFindAdversaries: 0x0
337f04.11ac: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
338f04.11ac: Calling main()
339f04.11ac: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
340f04.11ac: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
341f04.11ac: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
342f04.11ac: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
343f04.11ac: SUPR3HardenedMain: Respawn #2
344f04.11ac: supR3HardNtEnableThreadCreationEx:
345f04.11ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\apphelp.dll)
346f04.11ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\apphelp.dll
347f04.11ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
348f04.11ac: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
349f04.11ac: supR3HardenedDllNotificationCallback: load 000007fefd140000 LB 0x00057000 C:\Windows\system32\apphelp.dll [fFlags=0x0]
350f04.11ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
351f04.11ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd140000 'C:\Windows\system32\apphelp.dll'
352f04.11ac: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007738c320 pvNtTerminateThread=00000000773b1840
353f04.11ac: supR3HardenedWinDoReSpawn(2): New child 10cc.468 [kernel32].
354f04.11ac: supR3HardNtChildGatherData: PebBaseAddress=000007fffffdb000 cbPeb=0x380
355f04.11ac: supR3HardNtPuChFindNtdll: uNtDllParentAddr=0000000077360000 uNtDllChildAddr=0000000077360000
356f04.11ac: supR3HardenedWinSetupChildInit: uLdrInitThunk=000000007738c320
357f04.11ac: supR3HardenedWinSetupChildInit: Initial context:
358 rax=0000000000000000 rbx=0000000000000000 rcx=000000013f947900 rdx=000007fffffdb000
359 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
360 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
361 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
362 rip=000000007738c500 rsp=000000000022fe88 rbp=0000000000000000 ctxflags=0010001b
363 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
364 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
365 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
366 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
367 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
368f04.11ac: kernel32.dll: timestamp 0x4dce2b0d (rc=VINF_SUCCESS)
369f04.11ac: supR3HardenedWinSetupChildInit: Start child.
370f04.11ac: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
371f04.11ac: supR3HardNtChildPurify: Startup delay kludge #1/0: 260 ms, 26 sleeps
372f04.11ac: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
373f04.11ac: *0000000000000000-000000000000ffff 0x0001/0x0000 0x0000000
374f04.11ac: *0000000000010000-000000000002ffff 0x0004/0x0004 0x0020000
375f04.11ac: *0000000000030000-0000000000033fff 0x0002/0x0002 0x0040000
376f04.11ac: 0000000000034000-000000000003ffff 0x0001/0x0000 0x0000000
377f04.11ac: *0000000000040000-0000000000040fff 0x0004/0x0004 0x0020000
378f04.11ac: 0000000000041000-000000000004ffff 0x0001/0x0000 0x0000000
379f04.11ac: *0000000000050000-0000000000050fff 0x0004/0x0004 0x0020000
380f04.11ac: 0000000000051000-000000000012ffff 0x0001/0x0000 0x0000000
381f04.11ac: *0000000000130000-000000000022bfff 0x0000/0x0004 0x0020000
382f04.11ac: 000000000022c000-000000000022dfff 0x0104/0x0004 0x0020000
383f04.11ac: 000000000022e000-000000000022ffff 0x0004/0x0004 0x0020000
384f04.11ac: 0000000000230000-000000007735ffff 0x0001/0x0000 0x0000000
385f04.11ac: *0000000077360000-0000000077360fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
386f04.11ac: 0000000077361000-0000000077462fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
387f04.11ac: 0000000077463000-0000000077491fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
388f04.11ac: 0000000077492000-000000007749dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
389f04.11ac: 000000007749e000-0000000077508fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
390f04.11ac: 0000000077509000-000000007efdffff 0x0001/0x0000 0x0000000
391f04.11ac: *000000007efe0000-000000007ffdffff 0x0000/0x0002 0x0020000
392f04.11ac: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
393f04.11ac: 000000007ffe1000-000000007ffeffff 0x0000/0x0002 0x0020000
394f04.11ac: 000000007fff0000-000000013f93ffff 0x0001/0x0000 0x0000000
395f04.11ac: *000000013f940000-000000013f940fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
396f04.11ac: 000000013f941000-000000013f9b6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
397f04.11ac: 000000013f9b7000-000000013f9b7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
398f04.11ac: 000000013f9b8000-000000013f9fffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
399f04.11ac: 000000013fa00000-000000013fa00fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
400f04.11ac: 000000013fa01000-000000013fa01fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
401f04.11ac: 000000013fa02000-000000013fa06fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
402f04.11ac: 000000013fa07000-000000013fa07fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
403f04.11ac: 000000013fa08000-000000013fa08fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
404f04.11ac: 000000013fa09000-000000013fa0cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
405f04.11ac: 000000013fa0d000-000000013fa55fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
406f04.11ac: 000000013fa56000-000007feff67ffff 0x0001/0x0000 0x0000000
407f04.11ac: *000007feff680000-000007feff680fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\apisetschema.dll
408f04.11ac: 000007feff681000-000007fffffaffff 0x0001/0x0000 0x0000000
409f04.11ac: *000007fffffb0000-000007fffffd2fff 0x0002/0x0002 0x0040000
410f04.11ac: 000007fffffd3000-000007fffffdafff 0x0001/0x0000 0x0000000
411f04.11ac: *000007fffffdb000-000007fffffdbfff 0x0004/0x0004 0x0020000
412f04.11ac: 000007fffffdc000-000007fffffddfff 0x0001/0x0000 0x0000000
413f04.11ac: *000007fffffde000-000007fffffdffff 0x0004/0x0004 0x0020000
414f04.11ac: *000007fffffe0000-000007fffffeffff 0x0001/0x0002 0x0020000
415f04.11ac: apisetschema.dll: timestamp 0x54d04096 (rc=VINF_SUCCESS)
416f04.11ac: VirtualBoxVM.exe: timestamp 0x5ed9201b (rc=VINF_SUCCESS)
417f04.11ac: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
418f04.11ac: '\Device\HarddiskVolume2\Windows\System32\apisetschema.dll' has no imports
419f04.11ac: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
420f04.11ac: supR3HardNtChildPurify: Done after 300 ms and 0 fixes (loop #0).
42110cc.468: Log file opened: 6.1.10r138449 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x611db100
42210cc.468: supR3HardenedVmProcessInit: uNtDllAddr=0000000077360000 g_uNtVerCombined=0x611db100 (stack ~000000000022f938)
42310cc.468: ntdll.dll: timestamp 0x4ce7c8f9 (rc=VINF_SUCCESS)
42410cc.468: New simple heap: #1 0000000000330000 LB 0x400000 (for 1740800 allocation)
425f04.11ac: supR3HardenedEarlyCompact: Removed heap 1 (0x000000002f0000 LB 0x400000)
426f04.11ac: supR3HardNtEnableThreadCreationEx:
42710cc.468: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
42810cc.468: System32: \Device\HarddiskVolume2\Windows\System32
42910cc.468: WinSxS: \Device\HarddiskVolume2\Windows\winsxs
43010cc.468: KnownDllPath: C:\Windows\system32
43110cc.468: supR3HardenedVmProcessInit: Opening vboxdrv...
43210cc.468: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
43310cc.468: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
43410cc.468: Registered Dll notification callback with NTDLL.
43510cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
43610cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
43710cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
43810cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
43910cc.468: supR3HardenedDllNotificationCallback: load 0000000077240000 LB 0x0011f000 C:\Windows\system32\kernel32.dll [fFlags=0x0]
44010cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
44110cc.468: supR3HardenedDllNotificationCallback: load 000007fefd570000 LB 0x0006c000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
44210cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
44310cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
44410cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077240000 'C:\Windows\system32\kernel32.dll'
44510cc.468: supR3HardNtDisableThreadCreation: pvLdrInitThunk=000000007738c320 pvNtTerminateThread=00000000773b1840
446f04.11ac: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 40 ms.
44710cc.468: \SystemRoot\System32\ntdll.dll:
44810cc.468: CreationTime: 2010-11-21T03:23:51.351694200Z
44910cc.468: LastWriteTime: 2010-11-21T03:23:51.367294200Z
45010cc.468: ChangeTime: 2020-06-28T00:33:12.954124600Z
45110cc.468: FileAttributes: 0x20
45210cc.468: Size: 0x1a6d60
45310cc.468: NT Headers: 0xe0
45410cc.468: Timestamp: 0x4ce7c8f9
45510cc.468: Machine: 0x8664 - amd64
45610cc.468: Timestamp: 0x4ce7c8f9
45710cc.468: Image Version: 6.1
45810cc.468: SizeOfImage: 0x1a9000 (1740800)
45910cc.468: Resource Dir: 0x151000 LB 0x560d8
46010cc.468: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
46110cc.468: [Raw version resource data: 0x1510f0 LB 0x380, codepage 0x0 (reserved 0x0)]
46210cc.468: ProductName: Microsoft® Windows® Operating System
46310cc.468: ProductVersion: 6.1.7601.17514
46410cc.468: FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
46510cc.468: FileDescription: NT Layer DLL
46610cc.468: \SystemRoot\System32\kernel32.dll:
46710cc.468: CreationTime: 2020-06-29T07:05:55.386627700Z
46810cc.468: LastWriteTime: 2011-05-14T07:20:00.106000000Z
46910cc.468: ChangeTime: 2020-06-29T07:06:45.519519800Z
47010cc.468: FileAttributes: 0x20
47110cc.468: Size: 0x11be00
47210cc.468: NT Headers: 0xe8
47310cc.468: Timestamp: 0x4dce2b0d
47410cc.468: Machine: 0x8664 - amd64
47510cc.468: Timestamp: 0x4dce2b0d
47610cc.468: Image Version: 6.1
47710cc.468: SizeOfImage: 0x11f000 (1175552)
47810cc.468: Resource Dir: 0x116000 LB 0x528
47910cc.468: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
48010cc.468: [Raw version resource data: 0x1160b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
48110cc.468: ProductName: Microsoft® Windows® Operating System
48210cc.468: ProductVersion: 6.1.7601.17617
48310cc.468: FileVersion: 6.1.7601.17617 (win7sp1_gdr.110513-1659)
48410cc.468: FileDescription: Windows NT BASE API Client DLL
48510cc.468: \SystemRoot\System32\KernelBase.dll:
48610cc.468: CreationTime: 2020-06-29T07:05:55.916628400Z
48710cc.468: LastWriteTime: 2011-05-14T07:20:00.247000000Z
48810cc.468: ChangeTime: 2020-06-29T07:06:45.519519800Z
48910cc.468: FileAttributes: 0x20
49010cc.468: Size: 0x67000
49110cc.468: NT Headers: 0xe8
49210cc.468: Timestamp: 0x4dce2b0e
49310cc.468: Machine: 0x8664 - amd64
49410cc.468: Timestamp: 0x4dce2b0e
49510cc.468: Image Version: 6.1
49610cc.468: SizeOfImage: 0x6c000 (442368)
49710cc.468: Resource Dir: 0x6a000 LB 0x530
49810cc.468: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
49910cc.468: [Raw version resource data: 0x6a0b0 LB 0x3ac, codepage 0x0 (reserved 0x0)]
50010cc.468: ProductName: Microsoft® Windows® Operating System
50110cc.468: ProductVersion: 6.1.7601.17617
50210cc.468: FileVersion: 6.1.7601.17617 (win7sp1_gdr.110513-1659)
50310cc.468: FileDescription: Windows NT BASE API Client DLL
50410cc.468: \SystemRoot\System32\apisetschema.dll:
50510cc.468: CreationTime: 2020-06-29T08:41:18.865836100Z
50610cc.468: LastWriteTime: 2015-02-03T03:28:14.008000000Z
50710cc.468: ChangeTime: 2020-06-29T10:26:19.937919000Z
50810cc.468: FileAttributes: 0x20
50910cc.468: Size: 0x1a00
51010cc.468: NT Headers: 0xc0
51110cc.468: Timestamp: 0x54d04096
51210cc.468: Machine: 0x8664 - amd64
51310cc.468: Timestamp: 0x54d04096
51410cc.468: Image Version: 6.1
51510cc.468: SizeOfImage: 0x50000 (327680)
51610cc.468: Resource Dir: 0x30000 LB 0x3f8
51710cc.468: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
51810cc.468: [Raw version resource data: 0x30060 LB 0x398, codepage 0x0 (reserved 0x0)]
51910cc.468: ProductName: Microsoft® Windows® Operating System
52010cc.468: ProductVersion: 6.1.7601.18741
52110cc.468: FileVersion: 6.1.7601.18741 (win7sp1_gdr.150202-1526)
52210cc.468: FileDescription: ApiSet Schema DLL
52310cc.468: supR3HardenedWinFindAdversaries: 0x0
52410cc.468: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
52510cc.468: Calling main()
52610cc.468: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
52710cc.468: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
52810cc.468: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
52910cc.468: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
53010cc.468: SUPR3HardenedMain: Final process, opening VBoxDrv...
53110cc.468: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000330000 LB 0x400000)
53210cc.468: supR3HardNtEnableThreadCreationEx:
53310cc.468: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
53410cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
53510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000009243b0:C:\Windows\system32 [calling]
53610cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
53710cc.468: supR3HardenedDllNotificationCallback: load 000007fefaed0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
53810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
53910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
54010cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
54110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaed0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
54210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
54310cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
54410cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaed0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
54510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefaed0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
54610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
54710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'crypt32.dll'.
54810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
54910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
55010cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
55110cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
55210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
55310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
55410cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
55510cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
55610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
55710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
55810cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
55910cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
56010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
56110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
56210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
56310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msasn1.dll'.
56410cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
56510cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
56610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
56710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
56810cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
56910cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
57010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
57110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
57210cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
57310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
57410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
57510cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
57610cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000009243b0:C:\Windows\system32 [calling]
57710cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
57810cc.468: supR3HardenedDllNotificationCallback: load 000007fefd3c0000 LB 0x0003b000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
57910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
58010cc.468: supR3HardenedDllNotificationCallback: load 000007fefdd50000 LB 0x0009f000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
58110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
58210cc.468: supR3HardenedDllNotificationCallback: load 000007fefd400000 LB 0x0016d000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
58310cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
58410cc.468: supR3HardenedDllNotificationCallback: load 000007fefd350000 LB 0x0000f000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
58510cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
58610cc.468: supR3HardenedDllNotificationCallback: load 000007fefddf0000 LB 0x0012d000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
58710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
58810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'C:\Windows\system32\Wintrust.dll'
58910cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
59010cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
59110cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000969790:C:\Windows\system32 [calling]
59210cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
59310cc.468: supR3HardenedDllNotificationCallback: load 000007fefcc90000 LB 0x00022000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
59410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
59510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc90000 'C:\Windows\system32\bcrypt.dll'
59610cc.468: bcrypt.dll loaded at 000007fefcc90000, BCryptOpenAlgorithmProvider at 000007fefcc92640, preloading providers:
59710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
59810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'bcrypt.dll'.
59910cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
60010cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
60110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
60210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
60310cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
60410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
60510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
60610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
60710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
60810cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
60910cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
61010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
61110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
61210cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
61310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
61410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
61510cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
61610cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
61710cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
61810cc.468: supR3HardenedDllNotificationCallback: load 000007fefc780000 LB 0x0004c000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
61910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
62010cc.468: supR3HardenedDllNotificationCallback: load 000007feff190000 LB 0x000db000 C:\Windows\system32\ADVAPI32.dll [fFlags=0x0]
62110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
62210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
62310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
62410cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
62510cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
62610cc.468: supR3HardenedDllNotificationCallback: load 000007feff440000 LB 0x0001f000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
62710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
62810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc780000 'C:\Windows\system32\bcryptprimitives.dll'
62910cc.468: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000096ae70)
63010cc.468: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000096dd40)
63110cc.468: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000096de60)
63210cc.468: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000096e070)
63310cc.468: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000096e190)
63410cc.468: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000096e2b0)
63510cc.468: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=000000000096e4f0)
63610cc.468: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=000000000096e610)
63710cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
63810cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
63910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
64010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
64110cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
64210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
64310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
64410cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
64510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
64610cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
64710cc.468: supR3HardenedDllNotificationCallback: load 000007fefcb40000 LB 0x00018000 C:\Windows\system32\CRYPTSP.dll [fFlags=0x0]
64810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
64910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb40000 'C:\Windows\system32\CRYPTSP.dll'
65010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
65110cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
65210cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
65310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
65410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
65510cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
65610cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
65710cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
65810cc.468: supR3HardenedDllNotificationCallback: load 000007fefc840000 LB 0x00047000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
65910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
66010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc840000 'C:\Windows\system32\rsaenh.dll'
66110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
66210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
66310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff190000 'C:\Windows\system32\ADVAPI32.dll'
66410cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
66510cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
66610cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
66710cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
66810cc.468: supR3HardenedDllNotificationCallback: load 000007fefd1a0000 LB 0x0000f000 C:\Windows\system32\CRYPTBASE.dll [fFlags=0x0]
66910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
67010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1a0000 'C:\Windows\system32\CRYPTBASE.dll'
67110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
67210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
67310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077240000 'C:\Windows\system32\kernel32.dll'
67410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
67510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
67610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'C:\Windows\system32\WINTRUST.DLL'
67710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
67810cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
67910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd400000 'C:\Windows\system32\CRYPT32.dll'
68010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
68110cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
68210cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
68310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
68410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
68510cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
68610cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imagehlp.dll (Input=imagehlp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
68710cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
68810cc.468: supR3HardenedDllNotificationCallback: load 000007fefdd30000 LB 0x00017000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
68910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imagehlp.dll [lacks WinVerifyTrust]
69010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdd30000 'C:\Windows\system32\imagehlp.dll'
69110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
69210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTSP.dll (Input=CRYPTSP.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
69310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcb40000 'C:\Windows\system32\CRYPTSP.dll'
69410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
69510cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
69610cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
69710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
69810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
69910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
70010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'lpk.dll'.
70110cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
70210cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
70310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'lpk.dll'...
70410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'lpk.dll' -> '\Device\HarddiskVolume2\Windows\System32\lpk.dll' [rcNtRedir=0xc0150008]
70510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
70610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
70710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'usp10.dll'.
70810cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\lpk.dll)
70910cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\lpk.dll
71010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
71110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
71210cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
71310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'usp10.dll'...
71410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'usp10.dll' -> '\Device\HarddiskVolume2\Windows\System32\usp10.dll' [rcNtRedir=0xc0150008]
71510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
71610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
71710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
71810cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\usp10.dll)
71910cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\usp10.dll
72010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
72110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
72210cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
72310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
72410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
72510cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
72610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
72710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
72810cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
72910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
73010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
73110cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
73210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
73310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
73410cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
73510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USER32.dll (Input=USER32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
73610cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
73710cc.468: supR3HardenedDllNotificationCallback: load 0000000077140000 LB 0x000fa000 C:\Windows\system32\USER32.dll [fFlags=0x0]
73810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
73910cc.468: supR3HardenedDllNotificationCallback: load 000007fefdcc0000 LB 0x00067000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
74010cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
74110cc.468: supR3HardenedDllNotificationCallback: load 000007fefdb00000 LB 0x0000e000 C:\Windows\system32\LPK.dll [fFlags=0x0]
74210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\lpk.dll [lacks WinVerifyTrust]
74310cc.468: supR3HardenedDllNotificationCallback: load 000007fefd9a0000 LB 0x000c9000 C:\Windows\system32\USP10.dll [fFlags=0x0]
74410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\usp10.dll [lacks WinVerifyTrust]
74510cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
74610cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
74710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdcc0000 'C:\Windows\system32\gdi32.dll'
74810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
74910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
75010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msctf.dll'.
75110cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
75210cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
75310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
75410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume2\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
75510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
75610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
75710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
75810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'imm32.dll'.
75910cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
76010cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
76110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
76210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
76310cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
76410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
76510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
76610cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
76710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
76810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
76910cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
77010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
77110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
77210cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
77310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
77410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
77510cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
77610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
77710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
77810cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
77910cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
78010cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
78110cc.468: supR3HardenedDllNotificationCallback: load 000007fefdb10000 LB 0x0002e000 C:\Windows\system32\IMM32.DLL [fFlags=0x0]
78210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [lacks WinVerifyTrust]
78310cc.468: supR3HardenedDllNotificationCallback: load 000007fefee20000 LB 0x00109000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
78410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msctf.dll [lacks WinVerifyTrust]
78510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefdb10000 'C:\Windows\system32\IMM32.DLL'
78610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=0000000077140000 'C:\Windows\system32\USER32.dll'
78710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'bcrypt.dll'.
78810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
78910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msasn1.dll'.
79010cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\ncrypt.dll)
79110cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ncrypt.dll
79210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
79310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
79410cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
79510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
79610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
79710cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
79810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
79910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
80010cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
80110cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ncrypt.dll (Input=ncrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
80210cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
80310cc.468: supR3HardenedDllNotificationCallback: load 000007fefccc0000 LB 0x00050000 C:\Windows\system32\ncrypt.dll [fFlags=0x0]
80410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
80510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefccc0000 'C:\Windows\system32\ncrypt.dll'
80610cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
80710cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (Input=bcrypt.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
80810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefcc90000 'C:\Windows\system32\bcrypt.dll'
80910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
81010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
81110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'profapi.dll'.
81210cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\userenv.dll)
81310cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
81410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
81510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
81610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
81710cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
81810cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
81910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
82010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
82110cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
82210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
82310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
82410cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
82510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
82610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
82710cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
82810cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\USERENV.dll (Input=USERENV.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
82910cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
83010cc.468: supR3HardenedDllNotificationCallback: load 000007fefc600000 LB 0x0001e000 C:\Windows\system32\USERENV.dll [fFlags=0x0]
83110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\userenv.dll [lacks WinVerifyTrust]
83210cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
83310cc.468: supR3HardenedDllNotificationCallback: load 000007fefd2b0000 LB 0x0000f000 C:\Windows\system32\profapi.dll [fFlags=0x0]
83410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
83510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc600000 'C:\Windows\system32\USERENV.dll'
83610cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
83710cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
83810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
83910cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
84010cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
84110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
84210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
84310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
84410cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
84510cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
84610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
84710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
84810cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
84910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
85010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
85110cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
85210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\GPAPI.dll (Input=GPAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
85310cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
85410cc.468: supR3HardenedDllNotificationCallback: load 000007fefc5e0000 LB 0x0001b000 C:\Windows\system32\GPAPI.dll [fFlags=0x0]
85510cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
85610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefc5e0000 'C:\Windows\system32\GPAPI.dll'
85710cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
85810cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
85910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-WIN-Service-Management-L1-1-0.dll'
86010cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
86110cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
86210cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefddf0000 'C:\Windows\system32\rpcrt4.dll'
86310cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
86410cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
86510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-WIN-Service-Management-L2-1-0.dll'
86610cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
86710cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
86810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
86910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
87010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
87110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
87210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'wldap32.dll'.
87310cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
87410cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
87510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
87610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume2\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
87710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
87810cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\Wldap32.dll)
87910cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\Wldap32.dll
88010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
88110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
88210cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
88310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
88410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
88510cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
88610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
88710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
88810cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
88910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
89010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
89110cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
89210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
89310cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
89410cc.468: supR3HardenedDllNotificationCallback: load 000007fef9ba0000 LB 0x00027000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
89510cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
89610cc.468: supR3HardenedDllNotificationCallback: load 000007fefd860000 LB 0x00052000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
89710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
89810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
89910cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
90010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
90110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
90210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
90310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
90410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
90510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
90610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
90710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
90810cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
90910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
91010cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
91110cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
91210cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
91310cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
91410cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x1002 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
91510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
91610cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
91710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
91810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
91910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
92010cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
92110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
92210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
92310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
92410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
92510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
92610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
92710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
92810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fef9ba0000 'C:\Windows\system32\cryptnet.dll'
92910cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
93010cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
93110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
93210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\profapi.dll [lacks WinVerifyTrust]
93310cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
93410cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2b0000 'C:\Windows\system32\profapi.dll'
93510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
93610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
93710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
93810cc.468: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
93910cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
94010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
94110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
94210cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
94310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
94410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
94510cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
94610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
94710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
94810cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
94910cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHLWAPI.dll (Input=SHLWAPI.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
95010cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
95110cc.468: supR3HardenedDllNotificationCallback: load 000007fefda70000 LB 0x00071000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
95210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
95310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefda70000 'C:\Windows\system32\SHLWAPI.dll'
95410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
95510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000009b2c00
95610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
95710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6463B603CF12442718467D754A1EDC45CE1D6E7E
95810cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
95910cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-SDDL-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
96010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-Win-Security-SDDL-L1-1-0.dll'
96110cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
96210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-Management-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
96310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-WIN-Service-Management-L1-1-0.dll'
96410cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
96510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-WIN-Service-winsvc-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
96610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-WIN-Service-winsvc-L1-1-0.dll'
96710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
96810cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ADVAPI32.dll (Input=ADVAPI32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
96910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff190000 'C:\Windows\system32\ADVAPI32.dll'
97010cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
97110cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
97210cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
97310cc.468: supR3HardenedIsApiSetDll: '<NULL>' -> true
97410cc.468: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Security-LSALookup-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
97510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff440000 'API-MS-Win-Security-LSALookup-L1-1-0.dll'
97610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\SystemRoot\System32\ntdll.dll'
97710cc.468: g_pfnWinVerifyTrust=000007fefd3c1010
97810cc.468: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
97910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000c4 pwszName=\Device\HarddiskVolume2\Windows\System32\crypt32.dll
98010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
98110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
98210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B757256DD06374F77FF8DC61E1FEC0E93F3DF2F3
98310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_192_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
98410cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
98510cc.468: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
98610cc.468: supR3HardenedScreenImage/preload: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
98710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000b8 pwszName=\Device\HarddiskVolume2\Windows\System32\wintrust.dll
98810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
98910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
99010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E9D66460DAFA96F2CF96829A002753DECB7ED7CF
99110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
99210cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
99310cc.468: supR3HardenedScreenImage/preload: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
99410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000370 pwszName=\Device\HarddiskVolume2\Windows\System32\shlwapi.dll
99510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
99610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
99710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0AB8D9C9D3E1FC95D01F9A984B16ED031BB40CD8
99810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
99910cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
100010cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
100110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000364 pwszName=\Device\HarddiskVolume2\Windows\System32\Wldap32.dll
100210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
100310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
100410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87E73086F2528CF31D3AD5F0D71E04F8B942D5D8
100510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
100610cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
100710cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\Wldap32.dll'
100810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000360 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
100910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
101010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
101110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2545617940C2A353D1E2B307B3C55DF27B1EEBE9
101210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
101310cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
101410cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
101510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000023c pwszName=\Device\HarddiskVolume2\Windows\System32\gpapi.dll
101610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
101710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
101810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=470795C189226F7BDB8E50F42104CC34488B9340
101910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
102010cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
102110cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
102210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a8 pwszName=\Device\HarddiskVolume2\Windows\System32\profapi.dll
102310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
102410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
102510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2449672745D9BA339420451D13FA0380AA768231
102610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\profapi.dll'
102710cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
102810cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
102910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001a4 pwszName=\Device\HarddiskVolume2\Windows\System32\userenv.dll
103010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
103110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
103210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3E1A2CC7367F751C19EBF4E6EDF5E9A10E47313
103310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\userenv.dll'
103410cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
103510cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\userenv.dll'
103610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000190 pwszName=\Device\HarddiskVolume2\Windows\System32\ncrypt.dll
103710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
103810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
103910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9AF77A02B5BA5E996878C1E277979D9488E415B3
104010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
104110cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
104210cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ncrypt.dll'
104310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000178 pwszName=\Device\HarddiskVolume2\Windows\System32\msctf.dll
104410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
104510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
104610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=803AF52F95A9EFDFDA06C595023831EE36ACD3A8
104710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\msctf.dll'
104810cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
104910cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
105010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000174 pwszName=\Device\HarddiskVolume2\Windows\System32\imm32.dll
105110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
105210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
105310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6EEE1AB3B6D79AFF857940FF5F51ED27698153EC
105410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\imm32.dll'
105510cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
105610cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
105710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000170 pwszName=\Device\HarddiskVolume2\Windows\System32\usp10.dll
105810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
105910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
106010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=97AE9B5B40144F2794F30A891013393C80D631A1
106110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\usp10.dll'
106210cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
106310cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\usp10.dll'
106410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000016c pwszName=\Device\HarddiskVolume2\Windows\System32\lpk.dll
106510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
106610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
106710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A42DFBB8A3A26D2178D79D34DA1CE275E2A0BE37
106810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\lpk.dll'
106910cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
107010cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\lpk.dll'
107110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000168 pwszName=\Device\HarddiskVolume2\Windows\System32\gdi32.dll
107210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
107310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
107410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8F7179D2AEB0FEB168A01D182223AC2D7B8F331
107510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
107610cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
107710cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
107810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000164 pwszName=\Device\HarddiskVolume2\Windows\System32\user32.dll
107910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000009b2c00
108010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000009b2c00
108110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB05A6DD4AF9AC247D37C4B7BAFCCBD178A41E64
108210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
108310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000002aeaf50
108410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
108510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FB05A6DD4AF9AC247D37C4B7BAFCCBD178A41E64
108610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
108710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000002aeb010
108810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeb010
108910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=7458187B83265348D287AC7AB34C0A5AD0EFDAA5040E43F37D2AC3DBEB747E20
109010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
109110cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
109210cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
109310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000160 pwszName=\Device\HarddiskVolume2\Windows\System32\imagehlp.dll
109410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
109510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
109610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AFE89CF1060867A10BD3963894BCDB4D3058F804
109710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
109810cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
109910cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
110010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000114 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptbase.dll
110110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
110210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
110310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A965CC5DB13A5FB23BBB1B6B5FA6D400DC49462F
110410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
110510cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
110610cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
110710cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
110810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000110 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptsp.dll
110910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
111010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
111110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BA7AC4A7E8ADDFEA90AC951ECB6D6546E4873613
111210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_115_for_KB3033929~31bf3856ad364e35~amd64~~6.1.1.1.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
111310cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
111410cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
111510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000104 pwszName=\Device\HarddiskVolume2\Windows\System32\sechost.dll
111610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
111710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
111810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3FA2A014BF360CDC0E203A174FFC9DC5343C5323
111910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\sechost.dll'
112010cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
112110cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
112210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000100 pwszName=\Device\HarddiskVolume2\Windows\System32\advapi32.dll
112310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
112410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
112510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBCDF817D89920EE3139FB7E090744EB36A4A21B
112610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
112710cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
112810cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
112910cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
113010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000e8 pwszName=\Device\HarddiskVolume2\Windows\System32\bcrypt.dll
113110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
113210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
113310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=62E377A1F0AD0C2EDC0A73CB3EFF841FF18D00D2
113410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
113510cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
113610cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
113710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000c8 pwszName=\Device\HarddiskVolume2\Windows\System32\msvcrt.dll
113810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
113910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
114010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DBEAC8C0FA88C88B540ACFE0683B1810C077AA53
114110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
114210cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
114310cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
114410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000c0 pwszName=\Device\HarddiskVolume2\Windows\System32\msasn1.dll
114510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
114610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
114710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F2FF57DC30D774F93061607060DAA0DD15E39CCE
114810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
114910cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
115010cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
115110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000000bc pwszName=\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
115210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
115310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
115410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BC4D9E909DFDD2EE8BA1A5C857D73D49EBE7952C
115510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
115610cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
115710cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
115810cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
115910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000028 pwszName=\Device\HarddiskVolume2\Windows\System32\KernelBase.dll
116010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
116110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
116210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B0C103367FAB04A144C7FC83ED7BD4615C357310
116310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB2533623~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
116410cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
116510cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
116610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000020 pwszName=\Device\HarddiskVolume2\Windows\System32\kernel32.dll
116710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
116810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
116910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B3D305C6AE80071C6174B9800DE0ED1E3B8B6C39
117010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4_for_KB2533623~31bf3856ad364e35~amd64~~6.1.1.2.cat'; file='\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
117110cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
117210cc.468: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
117310cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
117410cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000a16890:C:\Windows\system32 [calling]
117510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd400000 'C:\Windows\system32\crypt32.dll'
117610cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
117710cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
117810cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
117910cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
118010cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
118110cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
118210cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
118310cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
118410cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
118510cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
118610cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
118710cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
118810cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
118910cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
119010cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
119110cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
119210cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
119310cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
119410cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
119510cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
119610cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
119710cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
119810cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
119910cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
120010cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
120110cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
120210cc.468: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
120310cc.468: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=27
120410cc.468: SUPR3HardenedMain: Load Runtime...
120510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
120610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
120710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
120810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
120910cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
121010cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
121110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
121210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
121310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000039c pwszName=\Device\HarddiskVolume2\Windows\System32\ws2_32.dll
121410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
121510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
121610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3EF3BDC1E84DFA17EA056313214EE88EC3E66F79
121710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ws2_32.dll'
121810cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
121910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
122010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
122110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'nsi.dll'.
122210cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
122310cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
122410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
122510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
122610cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
122710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
122810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
122910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
123010cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
123110cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
123210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
123310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
123410cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
123510cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
123610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
123710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
123810cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
123910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
124010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
124110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003d8 pwszName=\Device\HarddiskVolume2\Windows\System32\nsi.dll
124210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
124310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
124410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7AFD8538945F2D05BC1AF949B9B19B7D2D9FBBF8
124510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\nsi.dll'
124610cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
124710cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll) WinVerifyTrust
124810cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
124910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
125010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
125110cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
125210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
125310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
125410cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
125510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000099cc00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
125610cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
125710cc.468: supR3HardenedDllNotificationCallback: load 000007fee7e40000 LB 0x005d6000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
125810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
125910cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
126010cc.468: supR3HardenedDllNotificationCallback: load 0000000074e80000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
126110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
126210cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
126310cc.468: supR3HardenedDllNotificationCallback: load 0000000074c50000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
126410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
126510cc.468: supR3HardenedDllNotificationCallback: load 000007fefdfc0000 LB 0x0004d000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
126610cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
126710cc.468: supR3HardenedDllNotificationCallback: load 000007fefdaf0000 LB 0x00008000 C:\Windows\system32\NSI.dll [fFlags=0x0]
126810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll
126910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
127010cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
127110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
127210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
127310cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
127410cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
127510cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
127610cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
127710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
127810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
127910cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
128010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
128110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
128210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
128310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
128410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
128510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
128610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
128710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
128810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
128910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
129010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
129110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
129210cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
129310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
129410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
129510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
129610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
129710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
129810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
129910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130210cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130410cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130810cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
130910cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
131010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
131110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
131210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
131310cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000924a50:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32;C:\Windows\system;C:\Windows;.;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\Driver;C:\gradle-6.5\bin;C:\Program Files\Android\Android Studio\jre\bin\ [calling]
131410cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
131510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
131610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
131710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fee7e40000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
131810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
131910cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000009d8ac0:C:\Windows\system32 [calling]
132010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd3c0000 'C:\Windows\system32\Wintrust.dll'
132110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
132210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=00000000009d8ac0:C:\Windows\system32 [calling]
132310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd400000 'C:\Windows\system32\crypt32.dll'
132410cc.468: SUPR3HardenedMain: Load TrustedMain...
132510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
132610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
132710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
132810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
132910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
133010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
133110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
133210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
133310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
133410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
133510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
133610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
133710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
133810cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
133910cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
134010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
134110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
134210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000041c pwszName=\Device\HarddiskVolume2\Windows\System32\winmm.dll
134310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
134410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
134510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=82E2B2A7826F88BEB98FFF0540C9BDB0A12F001A
134610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\winmm.dll'
134710cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
134810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
134910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
135010cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
135110cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
135210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
135310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
135410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003f8 pwszName=\Device\HarddiskVolume2\Windows\System32\oleaut32.dll
135510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
135610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
135710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=26A5C3FE898CBD66951D3BC65E742E0BE561E69B
135810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\oleaut32.dll'
135910cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
136010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
136110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
136210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
136310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
136410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
136510cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) WinVerifyTrust
136610cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
136710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
136810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
136910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000410 pwszName=\Device\HarddiskVolume2\Windows\System32\ole32.dll
137010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
137110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
137210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2E64AE329BD5124592BC8CB0B327AA3B95DC65B7
137310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\ole32.dll'
137410cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
137510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
137610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
137710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
137810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
137910cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) WinVerifyTrust
138010cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
138110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
138210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
138310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
138410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
138510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
138610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
138710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
138810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
138910cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
139010cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
139110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
139210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
139310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
139410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
139510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
139610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
139710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
139810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
139910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
140010cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
140110cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
140210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
140310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
140410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
140510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
140610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
140710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
140810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
140910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
141010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
141110cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll) WinVerifyTrust
141210cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
141310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
141410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
141510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
141610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
141710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
141810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
141910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
142010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
142110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
142210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
142310cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll) WinVerifyTrust
142410cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
142510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
142610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
142710cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
142810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
142910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
143010cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
143110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
143210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
143310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
143410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
143510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
143610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
143710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
143810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
143910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
144010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
144110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
144210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
144310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
144410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
144510cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
144610cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
144710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
144810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
144910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000444 pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
145010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
145110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
145210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=608AC397FCC42B9FBAE25CB8C25EAF4C19AA384D
145310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
145410cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
145510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
145610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
145710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
145810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
145910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
146010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
146110cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll) WinVerifyTrust
146210cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
146310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
146410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
146510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
146610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume2\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
146710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000428 pwszName=\Device\HarddiskVolume2\Windows\System32\ddraw.dll
146810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
146910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
147010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=24C763EA54CD792A0F1618411061DC356EE31FF6
147110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\ddraw.dll'
147210cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
147310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
147410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
147510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'dciman32.dll'.
147610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
147710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
147810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'dwmapi.dll'.
147910cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ddraw.dll) WinVerifyTrust
148010cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ddraw.dll
148110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
148210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
148310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000440 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
148410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
148510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
148610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60E45AB914E06A11F44EA76C6EF750AF892F9EA2
148710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\nt5.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
148810cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
148910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
149010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
149110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
149210cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\glu32.dll) WinVerifyTrust
149310cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
149410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
149510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
149610cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
149710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
149810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
149910cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
150010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
150110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
150210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
150310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
150410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
150510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
150610cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
150710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
150810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
150910cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
151010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
151110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
151210cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
151310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
151410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
151510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
151610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
151710cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
151810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
151910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
152010cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
152110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
152210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
152310cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
152410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
152510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
152610cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
152710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
152810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
152910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
153010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
153110cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
153210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
153310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
153410cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
153510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
153610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
153710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000450 pwszName=\Device\HarddiskVolume2\Windows\System32\mpr.dll
153810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
153910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
154010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F84FE9BA047B24E7694C9E0C349B48B9FD5F925B
154110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\mpr.dll'
154210cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
154310cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mpr.dll) WinVerifyTrust
154410cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll
154510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
154610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
154710cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
154810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
154910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
155010cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
155110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
155210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
155310cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
155410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
155510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
155610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000045c pwszName=\Device\HarddiskVolume2\Windows\System32\shell32.dll
155710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
155810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
155910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=FCF00DB9BBECF4126AB4076577BBA73C0F94BDF9
156010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\shell32.dll'
156110cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
156210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
156310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'shlwapi.dll'.
156410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
156510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
156610cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll) WinVerifyTrust
156710cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
156810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
156910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
157010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
157110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
157210cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
157310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
157410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
157510cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
157610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
157710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
157810cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
157910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
158010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
158110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
158210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
158310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
158410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
158510cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
158610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
158710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
158810cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
158910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
159010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
159110cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
159210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
159310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
159410cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
159510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
159610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
159710cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
159810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
159910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
160010cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
160110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
160210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
160310cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
160410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
160510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
160610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
160710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
160810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
160910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
161010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
161110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
161210cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
161310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
161410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
161510cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
161610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
161710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
161810cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
161910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
162010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
162110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
162210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
162310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
162410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
162510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
162610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
162710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
162810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
162910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
163010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
163110cc.468: supR3HardenedScreenImage/Imports: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Windows\System32\user32.dll
163210cc.468: Error (rc=0):
163310cc.468: supR3HardenedScreenImage/Imports: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=16 \Device\HarddiskVolume2\Windows\System32\user32.dll
163410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
163510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
163610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
163710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
163810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
163910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
164010cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
164110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
164210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
164310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
164410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
164510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
164610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
164710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
164810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
164910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
165010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
165110cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
165210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
165310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
165410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
165510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
165610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
165710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
165810cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
165910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
166010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
166110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
166210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
166310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000430 pwszName=\Device\HarddiskVolume2\Windows\System32\dwmapi.dll
166410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
166510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
166610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B79EE7B5AD74EF51A849809202E043183A2C727E
166710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dwmapi.dll'
166810cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
166910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
167010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
167110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
167210cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dwmapi.dll) WinVerifyTrust
167310cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
167410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
167510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
167610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000454 pwszName=\Device\HarddiskVolume2\Windows\System32\setupapi.dll
167710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
167810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
167910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1499C4FEA6E143F9BEC35B4FFA098917D3A6EBF2
168010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\setupapi.dll'
168110cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
168210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'cfgmgr32.dll'.
168310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcrt.dll'.
168410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'gdi32.dll'.
168510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
168610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'user32.dll'.
168710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
168810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'devobj.dll'.
168910cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll) WinVerifyTrust
169010cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
169110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
169210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
169310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
169410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume2\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
169510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000434 pwszName=\Device\HarddiskVolume2\Windows\System32\dciman32.dll
169610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
169710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
169810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D3FEC714D729F7CAEB9B7A25E2012B6A6E9007F5
169910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\dciman32.dll'
170010cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
170110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
170210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
170310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
170410cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dciman32.dll) WinVerifyTrust
170510cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dciman32.dll
170610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
170710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
170810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
170910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
171010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
171110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
171210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
171310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
171410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
171510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
171610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
171710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
171810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000468 pwszName=\Device\HarddiskVolume2\Windows\System32\devobj.dll
171910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
172010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
172110cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B410A095222E69F0ECE7D66E4AC27A7125D2EB5A
172210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\devobj.dll'
172310cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
172410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
172510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'cfgmgr32.dll'.
172610cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll) WinVerifyTrust
172710cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
172810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
172910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
173010cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
173110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
173210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
173310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
173410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
173510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
173610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
173710cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll
173810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
173910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
174010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
174110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
174210cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
174310cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
174410cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
174510cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8F731777EFC4BC982C1E1467FBF29A74CC14D93A
174610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Foundation-Package~31bf3856ad364e35~amd64~~6.1.7601.17514.cat'; file='\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
174710cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
174810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
174910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
175010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
175110cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll) WinVerifyTrust
175210cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
175310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
175410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
175510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
175610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
175710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
175810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
175910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
176010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
176110cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
176210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
176310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
176410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
176510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
176610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
176710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
176810cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
176910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
177010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
177110cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000099cc00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
177210cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
177310cc.468: supR3HardenedDllNotificationCallback: load 000007feda7a0000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
177410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
177510cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
177610cc.468: supR3HardenedDllNotificationCallback: load 000007fee6860000 LB 0x0011d000 C:\Windows\system32\OPENGL32.dll [fFlags=0x0]
177710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
177810cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
177910cc.468: supR3HardenedDllNotificationCallback: load 000007feee620000 LB 0x0002d000 C:\Windows\system32\GLU32.dll [fFlags=0x0]
178010cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\glu32.dll
178110cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
178210cc.468: supR3HardenedDllNotificationCallback: load 000007feea7e0000 LB 0x000f1000 C:\Windows\system32\DDRAW.dll [fFlags=0x0]
178310cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ddraw.dll
178410cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
178510cc.468: supR3HardenedDllNotificationCallback: load 000007fefadb0000 LB 0x00008000 C:\Windows\system32\DCIMAN32.dll [fFlags=0x0]
178610cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dciman32.dll
178710cc.468: supR3HardenedDllNotificationCallback: load 000007fefd680000 LB 0x001d7000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
178810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
178910cc.468: supR3HardenedDllNotificationCallback: load 000007fefd360000 LB 0x00036000 C:\Windows\system32\CFGMGR32.dll [fFlags=0x0]
179010cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
179110cc.468: supR3HardenedDllNotificationCallback: load 000007fefd8c0000 LB 0x000d7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
179210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
179310cc.468: supR3HardenedDllNotificationCallback: load 000007feff460000 LB 0x00203000 C:\Windows\system32\ole32.dll [fFlags=0x0]
179410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
179510cc.468: supR3HardenedDllNotificationCallback: load 000007fefd3a0000 LB 0x0001a000 C:\Windows\system32\DEVOBJ.dll [fFlags=0x0]
179610cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
179710cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
179810cc.468: supR3HardenedDllNotificationCallback: load 000007fefb630000 LB 0x00018000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
179910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dwmapi.dll
180010cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
180110cc.468: supR3HardenedDllNotificationCallback: load 000007fee8420000 LB 0x02314000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
180210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
180310cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
180410cc.468: supR3HardenedDllNotificationCallback: load 00000000746e0000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
180510cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
180610cc.468: supR3HardenedDllNotificationCallback: load 000007fefe010000 LB 0x00d88000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
180710cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
180810cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll
180910cc.468: supR3HardenedDllNotificationCallback: load 000007fef11c0000 LB 0x00018000 C:\Windows\system32\MPR.dll [fFlags=0x0]
181010cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll
181110cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
181210cc.468: supR3HardenedDllNotificationCallback: load 000007fee6980000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
181310cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
181410cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
181510cc.468: supR3HardenedDllNotificationCallback: load 0000000070db0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
181610cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
181710cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
181810cc.468: supR3HardenedDllNotificationCallback: load 000000005bde0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
181910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
182010cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
182110cc.468: supR3HardenedDllNotificationCallback: load 000007fefb300000 LB 0x0003b000 C:\Windows\system32\WINMM.dll [fFlags=0x0]
182210cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
182310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff190000 'C:\Windows\system32\ADVAPI32.DLL'
182410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
182510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
182610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1a0000 'C:\Windows\system32\cryptbase.dll'
182710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feda7a0000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
182810cc.468: SUPR3HardenedMain: Calling TrustedMain (000007feda7a16c0)...
182910cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
183010cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000099cc00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
183110cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff460000 'C:\Windows\system32\ole32.dll'
183210cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007feff190000 'C:\Windows\system32\ADVAPI32.dll'
183310cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll
183410cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\profapi.dll (Input=profapi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000099cc00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
183510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd2b0000 'C:\Windows\system32\profapi.dll'
183610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
183710cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
183810cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
183910cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
184010cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
184110cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
184210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
184310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
184410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
184510cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
184610cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
184710cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
184810cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
184910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
185010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
185110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
185210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
185310cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
185410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
185510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
185610cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
185710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
185810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
185910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
186010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
186110cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
186210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
186310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
186410cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
186510cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
186610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
186710cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
186810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
186910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
187010cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
187110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
187210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
187310cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
187410cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
187510cc.468: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
187610cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
187710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
187810cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000099cc00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
187910cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
188010cc.468: supR3HardenedDllNotificationCallback: load 000007fedc6d0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
188110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
188210cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fedc6d0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
188310cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
188410cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPTBASE.dll (Input=CRYPTBASE.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000099cc00:C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
188510cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefd1a0000 'C:\Windows\system32\CRYPTBASE.dll'
188610cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004e4 pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
188710cc.468: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000002aeaf50
188810cc.468: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000002aeaf50
188910cc.468: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=936D45CC7026757A151F62882B557DD75D5FCB21
189010cc.468: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntpe.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
189110cc.468: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
189210cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
189310cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
189410cc.468: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
189510cc.468: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) WinVerifyTrust
189610cc.468: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
189710cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
189810cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
189910cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
190010cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
190110cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
190210cc.468: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
190310cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000098f340:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
190410cc.468: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
190510cc.468: supR3HardenedDllNotificationCallback: load 000007fefba00000 LB 0x00056000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
190610cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
190710cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba00000 'C:\Windows\system32\uxtheme.dll'
190810cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
190910cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000098f340:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
191010cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba00000 'C:\Windows\system32\uxtheme.dll'
191110cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
191210cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000098f130:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
191310cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba00000 'C:\Windows\system32\uxtheme.dll'
191410cc.468: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
191510cc.468: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=000000000098f130:C:\Windows\system32;C:\Program Files\Oracle\VirtualBox;C:\Windows\system32 [calling]
191610cc.468: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=000007fefba00000 'C:\Windows\system32\uxtheme.dll'
1917f04.11ac: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1497 ms, the end);
191813cc.c74: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1860 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy