VirtualBox

Ticket #20085: VBoxHardening.log.txt

File VBoxHardening.log.txt, 198.5 KB (added by fernandofot, 4 years ago)

VBoxHardening.log

Line 
11bb0.2dd8: Log file opened: 6.1.16r140961 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047bb00
21bb0.2dd8: \SystemRoot\System32\ntdll.dll:
31bb0.2dd8: CreationTime: 2020-11-16T21:24:26.565758000Z
41bb0.2dd8: LastWriteTime: 2020-11-16T21:24:26.640935300Z
51bb0.2dd8: ChangeTime: 2020-11-16T23:59:56.844820200Z
61bb0.2dd8: FileAttributes: 0x20
71bb0.2dd8: Size: 0x1e8058
81bb0.2dd8: NT Headers: 0xd8
91bb0.2dd8: Timestamp: 0x103a4719
101bb0.2dd8: Machine: 0x8664 - amd64
111bb0.2dd8: Timestamp: 0x103a4719
121bb0.2dd8: Image Version: 10.0
131bb0.2dd8: SizeOfImage: 0x1f0000 (2031616)
141bb0.2dd8: Resource Dir: 0x17f000 LB 0x6f3b8
151bb0.2dd8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
161bb0.2dd8: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
171bb0.2dd8: ProductName: Microsoft® Windows® Operating System
181bb0.2dd8: ProductVersion: 10.0.18362.1171
191bb0.2dd8: FileVersion: 10.0.18362.1171 (WinBuild.160101.0800)
201bb0.2dd8: FileDescription: NT Layer DLL
211bb0.2dd8: \SystemRoot\System32\kernel32.dll:
221bb0.2dd8: CreationTime: 2020-10-14T15:41:50.085714300Z
231bb0.2dd8: LastWriteTime: 2020-10-14T15:41:50.135685400Z
241bb0.2dd8: ChangeTime: 2020-11-16T21:27:38.218148600Z
251bb0.2dd8: FileAttributes: 0x20
261bb0.2dd8: Size: 0xb04a0
271bb0.2dd8: NT Headers: 0xf8
281bb0.2dd8: Timestamp: 0x2d28261f
291bb0.2dd8: Machine: 0x8664 - amd64
301bb0.2dd8: Timestamp: 0x2d28261f
311bb0.2dd8: Image Version: 10.0
321bb0.2dd8: SizeOfImage: 0xb2000 (729088)
331bb0.2dd8: Resource Dir: 0xb0000 LB 0x520
341bb0.2dd8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
351bb0.2dd8: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
361bb0.2dd8: ProductName: Microsoft® Windows® Operating System
371bb0.2dd8: ProductVersion: 10.0.18362.1110
381bb0.2dd8: FileVersion: 10.0.18362.1110 (WinBuild.160101.0800)
391bb0.2dd8: FileDescription: Windows NT BASE API Client DLL
401bb0.2dd8: \SystemRoot\System32\KernelBase.dll:
411bb0.2dd8: CreationTime: 2020-10-14T15:42:29.628041900Z
421bb0.2dd8: LastWriteTime: 2020-10-14T15:42:29.814934200Z
431bb0.2dd8: ChangeTime: 2020-11-16T21:27:38.634087800Z
441bb0.2dd8: FileAttributes: 0x20
451bb0.2dd8: Size: 0x2a5a88
461bb0.2dd8: NT Headers: 0x100
471bb0.2dd8: Timestamp: 0xa8b891f5
481bb0.2dd8: Machine: 0x8664 - amd64
491bb0.2dd8: Timestamp: 0xa8b891f5
501bb0.2dd8: Image Version: 10.0
511bb0.2dd8: SizeOfImage: 0x2a5000 (2772992)
521bb0.2dd8: Resource Dir: 0x27f000 LB 0x548
531bb0.2dd8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
541bb0.2dd8: [Raw version resource data: 0x27f0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
551bb0.2dd8: ProductName: Microsoft® Windows® Operating System
561bb0.2dd8: ProductVersion: 10.0.18362.1139
571bb0.2dd8: FileVersion: 10.0.18362.1139 (WinBuild.160101.0800)
581bb0.2dd8: FileDescription: Windows NT BASE API Client DLL
591bb0.2dd8: \SystemRoot\System32\apisetschema.dll:
601bb0.2dd8: CreationTime: 2019-03-19T04:43:54.837151500Z
611bb0.2dd8: LastWriteTime: 2019-03-19T04:43:54.837151500Z
621bb0.2dd8: ChangeTime: 2020-11-16T21:27:38.195693000Z
631bb0.2dd8: FileAttributes: 0x20
641bb0.2dd8: Size: 0x1d028
651bb0.2dd8: NT Headers: 0xc8
661bb0.2dd8: Timestamp: 0xd6ced080
671bb0.2dd8: Machine: 0x8664 - amd64
681bb0.2dd8: Timestamp: 0xd6ced080
691bb0.2dd8: Image Version: 10.0
701bb0.2dd8: SizeOfImage: 0x1e000 (122880)
711bb0.2dd8: Resource Dir: 0x1d000 LB 0x408
721bb0.2dd8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
731bb0.2dd8: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
741bb0.2dd8: ProductName: Microsoft® Windows® Operating System
751bb0.2dd8: ProductVersion: 10.0.18362.1
761bb0.2dd8: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
771bb0.2dd8: FileDescription: ApiSet Schema DLL
781bb0.2dd8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
791bb0.2dd8: supR3HardenedWinFindAdversaries: 0x40
801bb0.2dd8: \SystemRoot\System32\drivers\klflt.sys:
811bb0.2dd8: CreationTime: 2020-07-26T21:02:52.601332800Z
821bb0.2dd8: LastWriteTime: 2020-08-12T13:07:54.541171700Z
831bb0.2dd8: ChangeTime: 2020-08-12T13:07:54.541171700Z
841bb0.2dd8: FileAttributes: 0x20
851bb0.2dd8: Size: 0x3d798
861bb0.2dd8: NT Headers: 0x100
871bb0.2dd8: Timestamp: 0x82e91c41
881bb0.2dd8: Machine: 0x8664 - amd64
891bb0.2dd8: Timestamp: 0x82e91c41
901bb0.2dd8: Image Version: 6.1
911bb0.2dd8: SizeOfImage: 0x4a000 (303104)
921bb0.2dd8: Resource Dir: 0x47000 LB 0x418
931bb0.2dd8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
941bb0.2dd8: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
951bb0.2dd8: ProductName: Coretech Delivery
961bb0.2dd8: ProductVersion: 30.437.60.0
971bb0.2dd8: FileVersion: 30.437.60.0
981bb0.2dd8: FileDescription: Filter Core [fre_win7_amd64]
991bb0.2dd8: \SystemRoot\System32\drivers\klif.sys:
1001bb0.2dd8: CreationTime: 2020-07-26T21:02:52.712270600Z
1011bb0.2dd8: LastWriteTime: 2020-08-12T13:07:54.986919300Z
1021bb0.2dd8: ChangeTime: 2020-08-12T13:07:54.986919300Z
1031bb0.2dd8: FileAttributes: 0x20
1041bb0.2dd8: Size: 0xf3d98
1051bb0.2dd8: NT Headers: 0xf8
1061bb0.2dd8: Timestamp: 0x5ef8d291
1071bb0.2dd8: Machine: 0x8664 - amd64
1081bb0.2dd8: Timestamp: 0x5ef8d291
1091bb0.2dd8: Image Version: 6.1
1101bb0.2dd8: SizeOfImage: 0xf4000 (999424)
1111bb0.2dd8: Resource Dir: 0xeb000 LB 0x33f8
1121bb0.2dd8: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
1131bb0.2dd8: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
1141bb0.2dd8: ProductName: Coretech Delivery
1151bb0.2dd8: ProductVersion: 30.437.60.0
1161bb0.2dd8: FileVersion: 30.437.60.0
1171bb0.2dd8: FileDescription: Core System Interceptors [fre_win7_amd64]
1181bb0.2dd8: \SystemRoot\System32\drivers\klim6.sys:
1191bb0.2dd8: CreationTime: 2019-03-19T10:21:06.000000000Z
1201bb0.2dd8: LastWriteTime: 2019-03-19T10:21:06.000000000Z
1211bb0.2dd8: ChangeTime: 2020-07-26T21:03:27.978256700Z
1221bb0.2dd8: FileAttributes: 0x20
1231bb0.2dd8: Size: 0xe350
1241bb0.2dd8: NT Headers: 0xe0
1251bb0.2dd8: Timestamp: 0x54ad405e
1261bb0.2dd8: Machine: 0x8664 - amd64
1271bb0.2dd8: Timestamp: 0x54ad405e
1281bb0.2dd8: Image Version: 6.1
1291bb0.2dd8: SizeOfImage: 0xb000 (45056)
1301bb0.2dd8: Resource Dir: 0x9000 LB 0x430
1311bb0.2dd8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1321bb0.2dd8: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
1331bb0.2dd8: ProductName: Coretech Delivery
1341bb0.2dd8: ProductVersion: 30.0.3724.0
1351bb0.2dd8: FileVersion: 30.0.3724.0
1361bb0.2dd8: FileDescription: Packet Network Filter [fre_win7_amd64]
1371bb0.2dd8: \SystemRoot\System32\drivers\klkbdflt.sys:
1381bb0.2dd8: CreationTime: 2020-05-21T00:30:30.000000000Z
1391bb0.2dd8: LastWriteTime: 2020-05-21T00:30:30.000000000Z
1401bb0.2dd8: ChangeTime: 2020-07-26T21:03:27.229869700Z
1411bb0.2dd8: FileAttributes: 0x20
1421bb0.2dd8: Size: 0x13790
1431bb0.2dd8: NT Headers: 0xf8
1441bb0.2dd8: Timestamp: 0x6193eeca
1451bb0.2dd8: Machine: 0x8664 - amd64
1461bb0.2dd8: Timestamp: 0x6193eeca
1471bb0.2dd8: Image Version: 6.1
1481bb0.2dd8: SizeOfImage: 0x12000 (73728)
1491bb0.2dd8: Resource Dir: 0x10000 LB 0x440
1501bb0.2dd8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1511bb0.2dd8: [Raw version resource data: 0x10060 LB 0x3dc, codepage 0x0 (reserved 0x0)]
1521bb0.2dd8: ProductName: Coretech Delivery
1531bb0.2dd8: ProductVersion: 30.256.110.0
1541bb0.2dd8: FileVersion: 30.256.110.0
1551bb0.2dd8: FileDescription: Keyboard Device Filter [fre_win7_amd64]
1561bb0.2dd8: \SystemRoot\System32\drivers\klmouflt.sys:
1571bb0.2dd8: CreationTime: 2019-03-18T04:50:34.000000000Z
1581bb0.2dd8: LastWriteTime: 2019-03-18T04:50:34.000000000Z
1591bb0.2dd8: ChangeTime: 2020-07-26T21:03:26.960532900Z
1601bb0.2dd8: FileAttributes: 0x20
1611bb0.2dd8: Size: 0xe878
1621bb0.2dd8: NT Headers: 0xe8
1631bb0.2dd8: Timestamp: 0xab7b625
1641bb0.2dd8: Machine: 0x8664 - amd64
1651bb0.2dd8: Timestamp: 0xab7b625
1661bb0.2dd8: Image Version: 6.1
1671bb0.2dd8: SizeOfImage: 0xe000 (57344)
1681bb0.2dd8: Resource Dir: 0xc000 LB 0x430
1691bb0.2dd8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1701bb0.2dd8: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
1711bb0.2dd8: ProductName: Coretech Delivery
1721bb0.2dd8: ProductVersion: 30.0.3716.0
1731bb0.2dd8: FileVersion: 30.0.3716.0
1741bb0.2dd8: FileDescription: Mouse Device Filter [fre_win7_amd64]
1751bb0.2dd8: \SystemRoot\System32\drivers\kneps.sys:
1761bb0.2dd8: CreationTime: 2020-05-21T00:30:30.000000000Z
1771bb0.2dd8: LastWriteTime: 2020-08-12T13:07:55.177832800Z
1781bb0.2dd8: ChangeTime: 2020-08-12T13:07:55.177832800Z
1791bb0.2dd8: FileAttributes: 0x20
1801bb0.2dd8: Size: 0x38f98
1811bb0.2dd8: NT Headers: 0x108
1821bb0.2dd8: Timestamp: 0x5f4eb836
1831bb0.2dd8: Machine: 0x8664 - amd64
1841bb0.2dd8: Timestamp: 0x5f4eb836
1851bb0.2dd8: Image Version: 6.1
1861bb0.2dd8: SizeOfImage: 0x38000 (229376)
1871bb0.2dd8: Resource Dir: 0x35000 LB 0x428
1881bb0.2dd8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1891bb0.2dd8: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
1901bb0.2dd8: ProductName: Coretech Delivery
1911bb0.2dd8: ProductVersion: 30.437.53.0
1921bb0.2dd8: FileVersion: 30.437.53.0
1931bb0.2dd8: FileDescription: Network Processor [fre_win7_amd64]
1941bb0.2dd8: \SystemRoot\System32\klfphc.dll:
1951bb0.2dd8: CreationTime: 2020-07-26T21:03:25.440937400Z
1961bb0.2dd8: LastWriteTime: 2013-05-06T11:13:26.000000000Z
1971bb0.2dd8: ChangeTime: 2020-07-26T21:03:02.615376700Z
1981bb0.2dd8: FileAttributes: 0x20
1991bb0.2dd8: Size: 0x1ae60
2001bb0.2dd8: NT Headers: 0xe8
2011bb0.2dd8: Timestamp: 0x51873bf2
2021bb0.2dd8: Machine: 0x8664 - amd64
2031bb0.2dd8: Timestamp: 0x51873bf2
2041bb0.2dd8: Image Version: 0.0
2051bb0.2dd8: SizeOfImage: 0x1d000 (118784)
2061bb0.2dd8: Resource Dir: 0x18000 LB 0x3c80
2071bb0.2dd8: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
2081bb0.2dd8: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
2091bb0.2dd8: ProductName: Kaspersky™ Anti-Virus ®
2101bb0.2dd8: ProductVersion: 1.0.0.12
2111bb0.2dd8: FileVersion: 1.0.0.12
2121bb0.2dd8: FileDescription: Filtering Platform Helper Class
2131bb0.2dd8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Programs\VirtualBox'
2141bb0.2dd8: Calling main()
2151bb0.2dd8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
2161bb0.2dd8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Programs\VirtualBox'
2171bb0.2dd8: SUPR3HardenedMain: Respawn #1
2181bb0.2dd8: System32: \Device\HarddiskVolume2\Windows\System32
2191bb0.2dd8: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
2201bb0.2dd8: KnownDllPath: C:\WINDOWS\System32
2211bb0.2dd8: supR3HardenedWinInit: Performing a limited self purification...
2221bb0.2dd8: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
2231bb0.2dd8: *0000000000000000-00000000009affff 0x0001/0x0000 0x0000000
2241bb0.2dd8: *00000000009b0000-00000000009bffff 0x0004/0x0004 0x0040000
2251bb0.2dd8: 00000000009c0000-00000000009cffff 0x0001/0x0000 0x0000000
2261bb0.2dd8: *00000000009d0000-00000000009eafff 0x0002/0x0002 0x0040000
2271bb0.2dd8: 00000000009eb000-00000000009effff 0x0001/0x0000 0x0000000
2281bb0.2dd8: *00000000009f0000-00000000009f3fff 0x0002/0x0002 0x0040000
2291bb0.2dd8: 00000000009f4000-00000000009fffff 0x0001/0x0000 0x0000000
2301bb0.2dd8: *0000000000a00000-0000000000bc0fff 0x0000/0x0004 0x0020000
2311bb0.2dd8: 0000000000bc1000-0000000000bc3fff 0x0004/0x0004 0x0020000
2321bb0.2dd8: 0000000000bc4000-0000000000bfffff 0x0000/0x0004 0x0020000
2331bb0.2dd8: *0000000000c00000-0000000000cb0fff 0x0000/0x0004 0x0020000
2341bb0.2dd8: 0000000000cb1000-0000000000cb3fff 0x0104/0x0004 0x0020000
2351bb0.2dd8: 0000000000cb4000-0000000000cfffff 0x0004/0x0004 0x0020000
2361bb0.2dd8: *0000000000d00000-0000000000d01fff 0x0004/0x0004 0x0020000
2371bb0.2dd8: 0000000000d02000-0000000000d0ffff 0x0001/0x0000 0x0000000
2381bb0.2dd8: *0000000000d10000-0000000000dd6fff 0x0002/0x0002 0x0040000
2391bb0.2dd8: 0000000000dd7000-0000000000ddffff 0x0001/0x0000 0x0000000
2401bb0.2dd8: *0000000000de0000-0000000000de1fff 0x0004/0x0004 0x0020000
2411bb0.2dd8: 0000000000de2000-0000000000df9fff 0x0000/0x0004 0x0020000
2421bb0.2dd8: 0000000000dfa000-0000000000ebffff 0x0001/0x0000 0x0000000
2431bb0.2dd8: *0000000000ec0000-0000000000ec4fff 0x0004/0x0004 0x0020000
2441bb0.2dd8: 0000000000ec5000-0000000000fbffff 0x0000/0x0004 0x0020000
2451bb0.2dd8: *0000000000fc0000-0000000000fdcfff 0x0004/0x0004 0x0020000
2461bb0.2dd8: 0000000000fdd000-00000000010bffff 0x0000/0x0004 0x0020000
2471bb0.2dd8: 00000000010c0000-000000000119ffff 0x0001/0x0000 0x0000000
2481bb0.2dd8: *00000000011a0000-00000000011aefff 0x0004/0x0004 0x0020000
2491bb0.2dd8: 00000000011af000-00000000011affff 0x0000/0x0004 0x0020000
2501bb0.2dd8: *00000000011b0000-00000000011b7fff 0x0000/0x0004 0x0020000
2511bb0.2dd8: 00000000011b8000-00000000013a8fff 0x0004/0x0004 0x0020000
2521bb0.2dd8: 00000000013a9000-00000000013a9fff 0x0000/0x0004 0x0020000
2531bb0.2dd8: 00000000013aa000-000000007ffdffff 0x0001/0x0000 0x0000000
2541bb0.2dd8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2551bb0.2dd8: 000000007ffe1000-000000007ffe1fff 0x0001/0x0000 0x0000000
2561bb0.2dd8: *000000007ffe2000-000000007ffe2fff 0x0002/0x0002 0x0020000
2571bb0.2dd8: 000000007ffe3000-00007ff45327ffff 0x0001/0x0000 0x0000000
2581bb0.2dd8: *00007ff453280000-00007ff453284fff 0x0002/0x0002 0x0040000
2591bb0.2dd8: 00007ff453285000-00007ff45337ffff 0x0000/0x0002 0x0040000
2601bb0.2dd8: *00007ff453380000-00007ff55339ffff 0x0000/0x0004 0x0020000
2611bb0.2dd8: *00007ff5533a0000-00007ff55539ffff 0x0000/0x0004 0x0020000
2621bb0.2dd8: 00007ff5553a0000-00007ff5553a0fff 0x0004/0x0004 0x0020000
2631bb0.2dd8: 00007ff5553a1000-00007ff5553affff 0x0001/0x0000 0x0000000
2641bb0.2dd8: *00007ff5553b0000-00007ff5553b0fff 0x0002/0x0002 0x0040000
2651bb0.2dd8: 00007ff5553b1000-00007ff5553bffff 0x0001/0x0000 0x0000000
2661bb0.2dd8: *00007ff5553c0000-00007ff5553e2fff 0x0002/0x0002 0x0040000
2671bb0.2dd8: 00007ff5553e3000-00007ff6d419ffff 0x0001/0x0000 0x0000000
2681bb0.2dd8: *00007ff6d41a0000-00007ff6d41a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2691bb0.2dd8: 00007ff6d41a1000-00007ff6d4217fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2701bb0.2dd8: 00007ff6d4218000-00007ff6d4218fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2711bb0.2dd8: 00007ff6d4219000-00007ff6d4261fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2721bb0.2dd8: 00007ff6d4262000-00007ff6d4264fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2731bb0.2dd8: 00007ff6d4265000-00007ff6d4267fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2741bb0.2dd8: 00007ff6d4268000-00007ff6d426afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2751bb0.2dd8: 00007ff6d426b000-00007ff6d426bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2761bb0.2dd8: 00007ff6d426c000-00007ff6d426dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2771bb0.2dd8: 00007ff6d426e000-00007ff6d426efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2781bb0.2dd8: 00007ff6d426f000-00007ff6d42b7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
2791bb0.2dd8: 00007ff6d42b8000-00007ffa3583ffff 0x0001/0x0000 0x0000000
2801bb0.2dd8: *00007ffa35840000-00007ffa35840fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2811bb0.2dd8: 00007ffa35841000-00007ffa35946fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2821bb0.2dd8: 00007ffa35947000-00007ffa35aa9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2831bb0.2dd8: 00007ffa35aaa000-00007ffa35aadfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2841bb0.2dd8: 00007ffa35aae000-00007ffa35aaefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2851bb0.2dd8: 00007ffa35aaf000-00007ffa35ae4fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
2861bb0.2dd8: 00007ffa35ae5000-00007ffa3609ffff 0x0001/0x0000 0x0000000
2871bb0.2dd8: *00007ffa360a0000-00007ffa360a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2881bb0.2dd8: 00007ffa360a1000-00007ffa36115fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2891bb0.2dd8: 00007ffa36116000-00007ffa36147fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2901bb0.2dd8: 00007ffa36148000-00007ffa36148fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2911bb0.2dd8: 00007ffa36149000-00007ffa36149fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2921bb0.2dd8: 00007ffa3614a000-00007ffa36151fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2931bb0.2dd8: 00007ffa36152000-00007ffa37b1ffff 0x0001/0x0000 0x0000000
2941bb0.2dd8: *00007ffa37b20000-00007ffa37b20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2951bb0.2dd8: 00007ffa37b21000-00007ffa37c37fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2961bb0.2dd8: 00007ffa37c38000-00007ffa37c7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2971bb0.2dd8: 00007ffa37c7f000-00007ffa37c7ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2981bb0.2dd8: 00007ffa37c80000-00007ffa37c81fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2991bb0.2dd8: 00007ffa37c82000-00007ffa37c8afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3001bb0.2dd8: 00007ffa37c8b000-00007ffa37d0ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3011bb0.2dd8: 00007ffa37d10000-00007ffffffeffff 0x0001/0x0000 0x0000000
3021bb0.2dd8: kernel32.dll: timestamp 0x2d28261f (rc=VINF_SUCCESS)
3031bb0.2dd8: kernelbase.dll: timestamp 0xa8b891f5 (rc=VINF_SUCCESS)
3041bb0.2dd8: VirtualBoxVM.exe: timestamp 0x5f89bd71 (rc=VINF_SUCCESS)
3051bb0.2dd8: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
3061bb0.2dd8: '\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
3071bb0.2dd8: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
3081bb0.2dd8: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
3091bb0.2dd8: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
3101bb0.2dd8: '\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
3111bb0.2dd8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe)
3121bb0.2dd8: supR3HardNtEnableThreadCreationEx:
3131bb0.2dd8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa37b91df0 pvNtTerminateThread=00007ffa37bbd140
3141bb0.2dd8: supR3HardenedWinDoReSpawn(1): New child 1bcc.2eb8 [kernel32].
3151bb0.2dd8: supR3HardNtChildGatherData: PebBaseAddress=0000000000fc0000 cbPeb=0x388
3161bb0.2dd8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffa37b20000 uNtDllChildAddr=00007ffa37b20000
3171bb0.2dd8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffa37b91df0
3181bb0.2dd8: supR3HardenedWinSetupChildInit: Initial context:
319 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6d41a7900 rdx=0000000000fc0000
320 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
321 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
322 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
323 rip=00007ffa37b8d4b0 rsp=0000000000ddf958 rbp=0000000000000000 ctxflags=0010001b
324 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
325 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
326 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
327 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
328 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
3291bb0.2dd8: supR3HardenedWinSetupChildInit: Start child.
3301bb0.2dd8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
3311bb0.2dd8: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 59 sleeps
3321bb0.2dd8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
3331bb0.2dd8: *0000000000000000-0000000000c9ffff 0x0001/0x0000 0x0000000
3341bb0.2dd8: *0000000000ca0000-0000000000cbffff 0x0004/0x0004 0x0020000
3351bb0.2dd8: *0000000000cc0000-0000000000cdafff 0x0002/0x0002 0x0040000
3361bb0.2dd8: 0000000000cdb000-0000000000cdffff 0x0001/0x0000 0x0000000
3371bb0.2dd8: *0000000000ce0000-0000000000ddafff 0x0000/0x0004 0x0020000
3381bb0.2dd8: 0000000000ddb000-0000000000dddfff 0x0104/0x0004 0x0020000
3391bb0.2dd8: 0000000000dde000-0000000000ddffff 0x0004/0x0004 0x0020000
3401bb0.2dd8: *0000000000de0000-0000000000de3fff 0x0002/0x0002 0x0040000
3411bb0.2dd8: 0000000000de4000-0000000000deffff 0x0001/0x0000 0x0000000
3421bb0.2dd8: *0000000000df0000-0000000000df1fff 0x0004/0x0004 0x0020000
3431bb0.2dd8: 0000000000df2000-0000000000dfffff 0x0001/0x0000 0x0000000
3441bb0.2dd8: *0000000000e00000-0000000000fbffff 0x0000/0x0004 0x0020000
3451bb0.2dd8: 0000000000fc0000-0000000000fc2fff 0x0004/0x0004 0x0020000
3461bb0.2dd8: 0000000000fc3000-0000000000ffffff 0x0000/0x0004 0x0020000
3471bb0.2dd8: 0000000001000000-000000007ffdffff 0x0001/0x0000 0x0000000
3481bb0.2dd8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
3491bb0.2dd8: 000000007ffe1000-000000007ffe1fff 0x0001/0x0000 0x0000000
3501bb0.2dd8: *000000007ffe2000-000000007ffe2fff 0x0002/0x0002 0x0020000
3511bb0.2dd8: 000000007ffe3000-00007ff5f658ffff 0x0001/0x0000 0x0000000
3521bb0.2dd8: *00007ff5f6590000-00007ff5f6590fff 0x0002/0x0002 0x0040000
3531bb0.2dd8: 00007ff5f6591000-00007ff5f659ffff 0x0001/0x0000 0x0000000
3541bb0.2dd8: *00007ff5f65a0000-00007ff5f65c2fff 0x0002/0x0002 0x0040000
3551bb0.2dd8: 00007ff5f65c3000-00007ff6d419ffff 0x0001/0x0000 0x0000000
3561bb0.2dd8: *00007ff6d41a0000-00007ff6d41a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3571bb0.2dd8: 00007ff6d41a1000-00007ff6d4217fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3581bb0.2dd8: 00007ff6d4218000-00007ff6d4218fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3591bb0.2dd8: 00007ff6d4219000-00007ff6d4261fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3601bb0.2dd8: 00007ff6d4262000-00007ff6d4262fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3611bb0.2dd8: 00007ff6d4263000-00007ff6d4263fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3621bb0.2dd8: 00007ff6d4264000-00007ff6d4268fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3631bb0.2dd8: 00007ff6d4269000-00007ff6d4269fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3641bb0.2dd8: 00007ff6d426a000-00007ff6d426afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3651bb0.2dd8: 00007ff6d426b000-00007ff6d426efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3661bb0.2dd8: 00007ff6d426f000-00007ff6d42b7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
3671bb0.2dd8: 00007ff6d42b8000-00007ffa37b1ffff 0x0001/0x0000 0x0000000
3681bb0.2dd8: *00007ffa37b20000-00007ffa37b20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3691bb0.2dd8: 00007ffa37b21000-00007ffa37c37fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3701bb0.2dd8: 00007ffa37c38000-00007ffa37c7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3711bb0.2dd8: 00007ffa37c7f000-00007ffa37c8afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3721bb0.2dd8: 00007ffa37c8b000-00007ffa37c99fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3731bb0.2dd8: 00007ffa37c9a000-00007ffa37c9afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3741bb0.2dd8: 00007ffa37c9b000-00007ffa37c9dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3751bb0.2dd8: 00007ffa37c9e000-00007ffa37d0ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
3761bb0.2dd8: 00007ffa37d10000-00007ffffffeffff 0x0001/0x0000 0x0000000
3771bb0.2dd8: supR3HardNtChildPurify: Done after 531 ms and 0 fixes (loop #0).
3781bcc.2eb8: Log file opened: 6.1.16r140961 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00
3791bcc.2eb8: supR3HardenedVmProcessInit: uNtDllAddr=00007ffa37b20000 g_uNtVerCombined=0xa047bb00 (stack ~0000000000ddf3e8)
3801bcc.2eb8: ntdll.dll: timestamp 0x103a4719 (rc=VINF_SUCCESS)
3811bcc.2eb8: New simple heap: #1 0000000001100000 LB 0x400000 (for 2031616 allocation)
3821bb0.2dd8: supR3HardNtEnableThreadCreationEx:
3831bcc.2eb8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Programs\VirtualBox'
3841bcc.2eb8: System32: \Device\HarddiskVolume2\Windows\System32
3851bcc.2eb8: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
3861bcc.2eb8: KnownDllPath: C:\WINDOWS\System32
3871bcc.2eb8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
3881bcc.2eb8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
3891bcc.2eb8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
3901bcc.2eb8: Registered Dll notification callback with NTDLL.
3911bcc.2eb8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
3921bcc.2eb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
3931bcc.2eb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
3941bcc.2eb8: supR3HardenedDllNotificationCallback: load 00007ffa35840000 LB 0x002a5000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
3951bcc.2eb8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
3961bcc.2eb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
3971bcc.2eb8: supR3HardenedDllNotificationCallback: load 00007ffa360a0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
3981bcc.2eb8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
3991bcc.2eb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa360a0000 'C:\WINDOWS\System32\KERNEL32.DLL'
4001bcc.2eb8: supR3HardenedDllNotificationCallback: load 00007ff6d41a0000 LB 0x00118000 D:\Programs\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
4011bcc.2eb8: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
4021bcc.2eb8: '\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
4031bcc.2eb8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe)
4041bcc.2eb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
4051bcc.2eb8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa37b91df0 pvNtTerminateThread=00007ffa37bbd140
4061bb0.2dd8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 156 ms.
4071bcc.2eb8: \SystemRoot\System32\ntdll.dll:
4081bcc.2eb8: CreationTime: 2020-11-16T21:24:26.565758000Z
4091bcc.2eb8: LastWriteTime: 2020-11-16T21:24:26.640935300Z
4101bcc.2eb8: ChangeTime: 2020-11-16T23:59:56.844820200Z
4111bcc.2eb8: FileAttributes: 0x20
4121bcc.2eb8: Size: 0x1e8058
4131bcc.2eb8: NT Headers: 0xd8
4141bcc.2eb8: Timestamp: 0x103a4719
4151bcc.2eb8: Machine: 0x8664 - amd64
4161bcc.2eb8: Timestamp: 0x103a4719
4171bcc.2eb8: Image Version: 10.0
4181bcc.2eb8: SizeOfImage: 0x1f0000 (2031616)
4191bcc.2eb8: Resource Dir: 0x17f000 LB 0x6f3b8
4201bcc.2eb8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
4211bcc.2eb8: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
4221bcc.2eb8: ProductName: Microsoft® Windows® Operating System
4231bcc.2eb8: ProductVersion: 10.0.18362.1171
4241bcc.2eb8: FileVersion: 10.0.18362.1171 (WinBuild.160101.0800)
4251bcc.2eb8: FileDescription: NT Layer DLL
4261bcc.2eb8: \SystemRoot\System32\kernel32.dll:
4271bcc.2eb8: CreationTime: 2020-10-14T15:41:50.085714300Z
4281bcc.2eb8: LastWriteTime: 2020-10-14T15:41:50.135685400Z
4291bcc.2eb8: ChangeTime: 2020-11-16T21:27:38.218148600Z
4301bcc.2eb8: FileAttributes: 0x20
4311bcc.2eb8: Size: 0xb04a0
4321bcc.2eb8: NT Headers: 0xf8
4331bcc.2eb8: Timestamp: 0x2d28261f
4341bcc.2eb8: Machine: 0x8664 - amd64
4351bcc.2eb8: Timestamp: 0x2d28261f
4361bcc.2eb8: Image Version: 10.0
4371bcc.2eb8: SizeOfImage: 0xb2000 (729088)
4381bcc.2eb8: Resource Dir: 0xb0000 LB 0x520
4391bcc.2eb8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4401bcc.2eb8: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
4411bcc.2eb8: ProductName: Microsoft® Windows® Operating System
4421bcc.2eb8: ProductVersion: 10.0.18362.1110
4431bcc.2eb8: FileVersion: 10.0.18362.1110 (WinBuild.160101.0800)
4441bcc.2eb8: FileDescription: Windows NT BASE API Client DLL
4451bcc.2eb8: \SystemRoot\System32\KernelBase.dll:
4461bcc.2eb8: CreationTime: 2020-10-14T15:42:29.628041900Z
4471bcc.2eb8: LastWriteTime: 2020-10-14T15:42:29.814934200Z
4481bcc.2eb8: ChangeTime: 2020-11-16T21:27:38.634087800Z
4491bcc.2eb8: FileAttributes: 0x20
4501bcc.2eb8: Size: 0x2a5a88
4511bcc.2eb8: NT Headers: 0x100
4521bcc.2eb8: Timestamp: 0xa8b891f5
4531bcc.2eb8: Machine: 0x8664 - amd64
4541bcc.2eb8: Timestamp: 0xa8b891f5
4551bcc.2eb8: Image Version: 10.0
4561bcc.2eb8: SizeOfImage: 0x2a5000 (2772992)
4571bcc.2eb8: Resource Dir: 0x27f000 LB 0x548
4581bcc.2eb8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
4591bcc.2eb8: [Raw version resource data: 0x27f0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
4601bcc.2eb8: ProductName: Microsoft® Windows® Operating System
4611bcc.2eb8: ProductVersion: 10.0.18362.1139
4621bcc.2eb8: FileVersion: 10.0.18362.1139 (WinBuild.160101.0800)
4631bcc.2eb8: FileDescription: Windows NT BASE API Client DLL
4641bcc.2eb8: \SystemRoot\System32\apisetschema.dll:
4651bcc.2eb8: CreationTime: 2019-03-19T04:43:54.837151500Z
4661bcc.2eb8: LastWriteTime: 2019-03-19T04:43:54.837151500Z
4671bcc.2eb8: ChangeTime: 2020-11-16T21:27:38.195693000Z
4681bcc.2eb8: FileAttributes: 0x20
4691bcc.2eb8: Size: 0x1d028
4701bcc.2eb8: NT Headers: 0xc8
4711bcc.2eb8: Timestamp: 0xd6ced080
4721bcc.2eb8: Machine: 0x8664 - amd64
4731bcc.2eb8: Timestamp: 0xd6ced080
4741bcc.2eb8: Image Version: 10.0
4751bcc.2eb8: SizeOfImage: 0x1e000 (122880)
4761bcc.2eb8: Resource Dir: 0x1d000 LB 0x408
4771bcc.2eb8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4781bcc.2eb8: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
4791bcc.2eb8: ProductName: Microsoft® Windows® Operating System
4801bcc.2eb8: ProductVersion: 10.0.18362.1
4811bcc.2eb8: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
4821bcc.2eb8: FileDescription: ApiSet Schema DLL
4831bcc.2eb8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
4841bcc.2eb8: supR3HardenedWinFindAdversaries: 0x40
4851bcc.2eb8: \SystemRoot\System32\drivers\klflt.sys:
4861bcc.2eb8: CreationTime: 2020-07-26T21:02:52.601332800Z
4871bcc.2eb8: LastWriteTime: 2020-08-12T13:07:54.541171700Z
4881bcc.2eb8: ChangeTime: 2020-08-12T13:07:54.541171700Z
4891bcc.2eb8: FileAttributes: 0x20
4901bcc.2eb8: Size: 0x3d798
4911bcc.2eb8: NT Headers: 0x100
4921bcc.2eb8: Timestamp: 0x82e91c41
4931bcc.2eb8: Machine: 0x8664 - amd64
4941bcc.2eb8: Timestamp: 0x82e91c41
4951bcc.2eb8: Image Version: 6.1
4961bcc.2eb8: SizeOfImage: 0x4a000 (303104)
4971bcc.2eb8: Resource Dir: 0x47000 LB 0x418
4981bcc.2eb8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
4991bcc.2eb8: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
5001bcc.2eb8: ProductName: Coretech Delivery
5011bcc.2eb8: ProductVersion: 30.437.60.0
5021bcc.2eb8: FileVersion: 30.437.60.0
5031bcc.2eb8: FileDescription: Filter Core [fre_win7_amd64]
5041bcc.2eb8: \SystemRoot\System32\drivers\klif.sys:
5051bcc.2eb8: CreationTime: 2020-07-26T21:02:52.712270600Z
5061bcc.2eb8: LastWriteTime: 2020-08-12T13:07:54.986919300Z
5071bcc.2eb8: ChangeTime: 2020-08-12T13:07:54.986919300Z
5081bcc.2eb8: FileAttributes: 0x20
5091bcc.2eb8: Size: 0xf3d98
5101bcc.2eb8: NT Headers: 0xf8
5111bcc.2eb8: Timestamp: 0x5ef8d291
5121bcc.2eb8: Machine: 0x8664 - amd64
5131bcc.2eb8: Timestamp: 0x5ef8d291
5141bcc.2eb8: Image Version: 6.1
5151bcc.2eb8: SizeOfImage: 0xf4000 (999424)
5161bcc.2eb8: Resource Dir: 0xeb000 LB 0x33f8
5171bcc.2eb8: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
5181bcc.2eb8: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
5191bcc.2eb8: ProductName: Coretech Delivery
5201bcc.2eb8: ProductVersion: 30.437.60.0
5211bcc.2eb8: FileVersion: 30.437.60.0
5221bcc.2eb8: FileDescription: Core System Interceptors [fre_win7_amd64]
5231bcc.2eb8: \SystemRoot\System32\drivers\klim6.sys:
5241bcc.2eb8: CreationTime: 2019-03-19T10:21:06.000000000Z
5251bcc.2eb8: LastWriteTime: 2019-03-19T10:21:06.000000000Z
5261bcc.2eb8: ChangeTime: 2020-07-26T21:03:27.978256700Z
5271bcc.2eb8: FileAttributes: 0x20
5281bcc.2eb8: Size: 0xe350
5291bcc.2eb8: NT Headers: 0xe0
5301bcc.2eb8: Timestamp: 0x54ad405e
5311bcc.2eb8: Machine: 0x8664 - amd64
5321bcc.2eb8: Timestamp: 0x54ad405e
5331bcc.2eb8: Image Version: 6.1
5341bcc.2eb8: SizeOfImage: 0xb000 (45056)
5351bcc.2eb8: Resource Dir: 0x9000 LB 0x430
5361bcc.2eb8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5371bcc.2eb8: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
5381bcc.2eb8: ProductName: Coretech Delivery
5391bcc.2eb8: ProductVersion: 30.0.3724.0
5401bcc.2eb8: FileVersion: 30.0.3724.0
5411bcc.2eb8: FileDescription: Packet Network Filter [fre_win7_amd64]
5421bcc.2eb8: \SystemRoot\System32\drivers\klkbdflt.sys:
5431bcc.2eb8: CreationTime: 2020-05-21T00:30:30.000000000Z
5441bcc.2eb8: LastWriteTime: 2020-05-21T00:30:30.000000000Z
5451bcc.2eb8: ChangeTime: 2020-07-26T21:03:27.229869700Z
5461bcc.2eb8: FileAttributes: 0x20
5471bcc.2eb8: Size: 0x13790
5481bcc.2eb8: NT Headers: 0xf8
5491bcc.2eb8: Timestamp: 0x6193eeca
5501bcc.2eb8: Machine: 0x8664 - amd64
5511bcc.2eb8: Timestamp: 0x6193eeca
5521bcc.2eb8: Image Version: 6.1
5531bcc.2eb8: SizeOfImage: 0x12000 (73728)
5541bcc.2eb8: Resource Dir: 0x10000 LB 0x440
5551bcc.2eb8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5561bcc.2eb8: [Raw version resource data: 0x10060 LB 0x3dc, codepage 0x0 (reserved 0x0)]
5571bcc.2eb8: ProductName: Coretech Delivery
5581bcc.2eb8: ProductVersion: 30.256.110.0
5591bcc.2eb8: FileVersion: 30.256.110.0
5601bcc.2eb8: FileDescription: Keyboard Device Filter [fre_win7_amd64]
5611bcc.2eb8: \SystemRoot\System32\drivers\klmouflt.sys:
5621bcc.2eb8: CreationTime: 2019-03-18T04:50:34.000000000Z
5631bcc.2eb8: LastWriteTime: 2019-03-18T04:50:34.000000000Z
5641bcc.2eb8: ChangeTime: 2020-07-26T21:03:26.960532900Z
5651bcc.2eb8: FileAttributes: 0x20
5661bcc.2eb8: Size: 0xe878
5671bcc.2eb8: NT Headers: 0xe8
5681bcc.2eb8: Timestamp: 0xab7b625
5691bcc.2eb8: Machine: 0x8664 - amd64
5701bcc.2eb8: Timestamp: 0xab7b625
5711bcc.2eb8: Image Version: 6.1
5721bcc.2eb8: SizeOfImage: 0xe000 (57344)
5731bcc.2eb8: Resource Dir: 0xc000 LB 0x430
5741bcc.2eb8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5751bcc.2eb8: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
5761bcc.2eb8: ProductName: Coretech Delivery
5771bcc.2eb8: ProductVersion: 30.0.3716.0
5781bcc.2eb8: FileVersion: 30.0.3716.0
5791bcc.2eb8: FileDescription: Mouse Device Filter [fre_win7_amd64]
5801bcc.2eb8: \SystemRoot\System32\drivers\kneps.sys:
5811bcc.2eb8: CreationTime: 2020-05-21T00:30:30.000000000Z
5821bcc.2eb8: LastWriteTime: 2020-08-12T13:07:55.177832800Z
5831bcc.2eb8: ChangeTime: 2020-08-12T13:07:55.177832800Z
5841bcc.2eb8: FileAttributes: 0x20
5851bcc.2eb8: Size: 0x38f98
5861bcc.2eb8: NT Headers: 0x108
5871bcc.2eb8: Timestamp: 0x5f4eb836
5881bcc.2eb8: Machine: 0x8664 - amd64
5891bcc.2eb8: Timestamp: 0x5f4eb836
5901bcc.2eb8: Image Version: 6.1
5911bcc.2eb8: SizeOfImage: 0x38000 (229376)
5921bcc.2eb8: Resource Dir: 0x35000 LB 0x428
5931bcc.2eb8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5941bcc.2eb8: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
5951bcc.2eb8: ProductName: Coretech Delivery
5961bcc.2eb8: ProductVersion: 30.437.53.0
5971bcc.2eb8: FileVersion: 30.437.53.0
5981bcc.2eb8: FileDescription: Network Processor [fre_win7_amd64]
5991bcc.2eb8: \SystemRoot\System32\klfphc.dll:
6001bcc.2eb8: CreationTime: 2020-07-26T21:03:25.440937400Z
6011bcc.2eb8: LastWriteTime: 2013-05-06T11:13:26.000000000Z
6021bcc.2eb8: ChangeTime: 2020-07-26T21:03:02.615376700Z
6031bcc.2eb8: FileAttributes: 0x20
6041bcc.2eb8: Size: 0x1ae60
6051bcc.2eb8: NT Headers: 0xe8
6061bcc.2eb8: Timestamp: 0x51873bf2
6071bcc.2eb8: Machine: 0x8664 - amd64
6081bcc.2eb8: Timestamp: 0x51873bf2
6091bcc.2eb8: Image Version: 0.0
6101bcc.2eb8: SizeOfImage: 0x1d000 (118784)
6111bcc.2eb8: Resource Dir: 0x18000 LB 0x3c80
6121bcc.2eb8: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
6131bcc.2eb8: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
6141bcc.2eb8: ProductName: Kaspersky™ Anti-Virus ®
6151bcc.2eb8: ProductVersion: 1.0.0.12
6161bcc.2eb8: FileVersion: 1.0.0.12
6171bcc.2eb8: FileDescription: Filtering Platform Helper Class
6181bcc.2eb8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Programs\VirtualBox'
6191bcc.2eb8: Calling main()
6201bcc.2eb8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
6211bcc.2eb8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Programs\VirtualBox'
6221bcc.2eb8: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
6231bcc.2eb8: '\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
6241bcc.2eb8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe)
6251bcc.2eb8: SUPR3HardenedMain: Respawn #2
6261bcc.2eb8: supR3HardNtEnableThreadCreationEx:
6271bcc.2eb8: supR3HardenedDllNotificationCallback: load 00007ffa37480000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
6281bcc.2eb8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
6291bcc.2eb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
6301bcc.2eb8: supR3HardenedDllNotificationCallback: load 00007ffa37750000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
6311bcc.2eb8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
6321bcc.2eb8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
6331bcc.2eb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
6341bcc.2eb8: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
6351bcc.2eb8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdll.dll)
6361bcc.2eb8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdll.dll
6371bcc.2eb8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6381bcc.2eb8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6391bcc.2eb8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6401bcc.2eb8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6411bcc.2eb8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa37b20000 'C:\WINDOWS\System32\ntdll.dll'
6421bcc.2eb8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa37b91df0 pvNtTerminateThread=00007ffa37bbd140
6431bcc.2eb8: supR3HardenedWinDoReSpawn(2): New child a0c.2cf4 [kernel32].
6441bcc.2eb8: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
6451bcc.2eb8: supR3HardNtChildGatherData: PebBaseAddress=00000000008dc000 cbPeb=0x388
6461bcc.2eb8: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffa37b20000 uNtDllChildAddr=00007ffa37b20000
6471bcc.2eb8: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffa37b91df0
6481bcc.2eb8: supR3HardenedWinSetupChildInit: Initial context:
649 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6d41a7900 rdx=00000000008dc000
650 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
651 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
652 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
653 rip=00007ffa37b8d4b0 rsp=0000000000aff998 rbp=0000000000000000 ctxflags=0010001b
654 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
655 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
656 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
657 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
658 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
6591bcc.2eb8: kernel32.dll: timestamp 0x2d28261f (rc=VINF_SUCCESS)
6601bcc.2eb8: supR3HardenedWinSetupChildInit: Start child.
6611bcc.2eb8: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
6621bcc.2eb8: supR3HardNtChildPurify: Startup delay kludge #1/0: 521 ms, 60 sleeps
6631bcc.2eb8: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
6641bcc.2eb8: *0000000000000000-00000000006dffff 0x0001/0x0000 0x0000000
6651bcc.2eb8: *00000000006e0000-00000000006fffff 0x0004/0x0004 0x0020000
6661bcc.2eb8: *0000000000700000-000000000071afff 0x0002/0x0002 0x0040000
6671bcc.2eb8: 000000000071b000-000000000071ffff 0x0001/0x0000 0x0000000
6681bcc.2eb8: *0000000000720000-0000000000723fff 0x0002/0x0002 0x0040000
6691bcc.2eb8: 0000000000724000-000000000072ffff 0x0001/0x0000 0x0000000
6701bcc.2eb8: *0000000000730000-0000000000731fff 0x0004/0x0004 0x0020000
6711bcc.2eb8: 0000000000732000-00000000007fffff 0x0001/0x0000 0x0000000
6721bcc.2eb8: *0000000000800000-00000000008dbfff 0x0000/0x0004 0x0020000
6731bcc.2eb8: 00000000008dc000-00000000008defff 0x0004/0x0004 0x0020000
6741bcc.2eb8: 00000000008df000-00000000009fffff 0x0000/0x0004 0x0020000
6751bcc.2eb8: *0000000000a00000-0000000000afafff 0x0000/0x0004 0x0020000
6761bcc.2eb8: 0000000000afb000-0000000000afdfff 0x0104/0x0004 0x0020000
6771bcc.2eb8: 0000000000afe000-0000000000afffff 0x0004/0x0004 0x0020000
6781bcc.2eb8: 0000000000b00000-000000007ffdffff 0x0001/0x0000 0x0000000
6791bcc.2eb8: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
6801bcc.2eb8: 000000007ffe1000-000000007ffe1fff 0x0001/0x0000 0x0000000
6811bcc.2eb8: *000000007ffe2000-000000007ffe2fff 0x0002/0x0002 0x0020000
6821bcc.2eb8: 000000007ffe3000-00007ff53ba3ffff 0x0001/0x0000 0x0000000
6831bcc.2eb8: *00007ff53ba40000-00007ff53ba40fff 0x0002/0x0002 0x0040000
6841bcc.2eb8: 00007ff53ba41000-00007ff53ba4ffff 0x0001/0x0000 0x0000000
6851bcc.2eb8: *00007ff53ba50000-00007ff53ba72fff 0x0002/0x0002 0x0040000
6861bcc.2eb8: 00007ff53ba73000-00007ff6d419ffff 0x0001/0x0000 0x0000000
6871bcc.2eb8: *00007ff6d41a0000-00007ff6d41a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6881bcc.2eb8: 00007ff6d41a1000-00007ff6d4217fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6891bcc.2eb8: 00007ff6d4218000-00007ff6d4218fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6901bcc.2eb8: 00007ff6d4219000-00007ff6d4261fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6911bcc.2eb8: 00007ff6d4262000-00007ff6d4262fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6921bcc.2eb8: 00007ff6d4263000-00007ff6d4263fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6931bcc.2eb8: 00007ff6d4264000-00007ff6d4268fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6941bcc.2eb8: 00007ff6d4269000-00007ff6d4269fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6951bcc.2eb8: 00007ff6d426a000-00007ff6d426afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6961bcc.2eb8: 00007ff6d426b000-00007ff6d426efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6971bcc.2eb8: 00007ff6d426f000-00007ff6d42b7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
6981bcc.2eb8: 00007ff6d42b8000-00007ffa37b1ffff 0x0001/0x0000 0x0000000
6991bcc.2eb8: *00007ffa37b20000-00007ffa37b20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7001bcc.2eb8: 00007ffa37b21000-00007ffa37c37fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7011bcc.2eb8: 00007ffa37c38000-00007ffa37c7efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7021bcc.2eb8: 00007ffa37c7f000-00007ffa37c8afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7031bcc.2eb8: 00007ffa37c8b000-00007ffa37c99fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7041bcc.2eb8: 00007ffa37c9a000-00007ffa37c9afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7051bcc.2eb8: 00007ffa37c9b000-00007ffa37c9dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7061bcc.2eb8: 00007ffa37c9e000-00007ffa37d0ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
7071bcc.2eb8: 00007ffa37d10000-00007ffffffeffff 0x0001/0x0000 0x0000000
7081bcc.2eb8: VirtualBoxVM.exe: timestamp 0x5f89bd71 (rc=VINF_SUCCESS)
7091bcc.2eb8: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
7101bcc.2eb8: '\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
7111bcc.2eb8: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
7121bcc.2eb8: supR3HardNtChildPurify: Done after 589 ms and 0 fixes (loop #0).
713a0c.2cf4: Log file opened: 6.1.16r140961 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047bb00
714a0c.2cf4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffa37b20000 g_uNtVerCombined=0xa047bb00 (stack ~0000000000aff428)
715a0c.2cf4: ntdll.dll: timestamp 0x103a4719 (rc=VINF_SUCCESS)
7161bcc.2eb8: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001100000 LB 0x400000)
717a0c.2cf4: New simple heap: #1 0000000000c00000 LB 0x400000 (for 2031616 allocation)
7181bcc.2eb8: supR3HardNtEnableThreadCreationEx:
719a0c.2cf4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Programs\VirtualBox'
720a0c.2cf4: System32: \Device\HarddiskVolume2\Windows\System32
721a0c.2cf4: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
722a0c.2cf4: KnownDllPath: C:\WINDOWS\System32
723a0c.2cf4: supR3HardenedVmProcessInit: Opening vboxdrv...
724a0c.2cf4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
725a0c.2cf4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
726a0c.2cf4: Registered Dll notification callback with NTDLL.
727a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
728a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
729a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
730a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa35840000 LB 0x002a5000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
731a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
732a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
733a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa360a0000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
734a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
735a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa360a0000 'C:\WINDOWS\System32\KERNEL32.DLL'
736a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ff6d41a0000 LB 0x00118000 D:\Programs\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
737a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
738a0c.2cf4: '\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
739a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe)
740a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe
741a0c.2cf4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa37b91df0 pvNtTerminateThread=00007ffa37bbd140
7421bcc.2eb8: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 144 ms.
743a0c.2cf4: \SystemRoot\System32\ntdll.dll:
744a0c.2cf4: CreationTime: 2020-11-16T21:24:26.565758000Z
745a0c.2cf4: LastWriteTime: 2020-11-16T21:24:26.640935300Z
746a0c.2cf4: ChangeTime: 2020-11-16T23:59:56.844820200Z
747a0c.2cf4: FileAttributes: 0x20
748a0c.2cf4: Size: 0x1e8058
749a0c.2cf4: NT Headers: 0xd8
750a0c.2cf4: Timestamp: 0x103a4719
751a0c.2cf4: Machine: 0x8664 - amd64
752a0c.2cf4: Timestamp: 0x103a4719
753a0c.2cf4: Image Version: 10.0
754a0c.2cf4: SizeOfImage: 0x1f0000 (2031616)
755a0c.2cf4: Resource Dir: 0x17f000 LB 0x6f3b8
756a0c.2cf4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
757a0c.2cf4: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
758a0c.2cf4: ProductName: Microsoft® Windows® Operating System
759a0c.2cf4: ProductVersion: 10.0.18362.1171
760a0c.2cf4: FileVersion: 10.0.18362.1171 (WinBuild.160101.0800)
761a0c.2cf4: FileDescription: NT Layer DLL
762a0c.2cf4: \SystemRoot\System32\kernel32.dll:
763a0c.2cf4: CreationTime: 2020-10-14T15:41:50.085714300Z
764a0c.2cf4: LastWriteTime: 2020-10-14T15:41:50.135685400Z
765a0c.2cf4: ChangeTime: 2020-11-16T21:27:38.218148600Z
766a0c.2cf4: FileAttributes: 0x20
767a0c.2cf4: Size: 0xb04a0
768a0c.2cf4: NT Headers: 0xf8
769a0c.2cf4: Timestamp: 0x2d28261f
770a0c.2cf4: Machine: 0x8664 - amd64
771a0c.2cf4: Timestamp: 0x2d28261f
772a0c.2cf4: Image Version: 10.0
773a0c.2cf4: SizeOfImage: 0xb2000 (729088)
774a0c.2cf4: Resource Dir: 0xb0000 LB 0x520
775a0c.2cf4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
776a0c.2cf4: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
777a0c.2cf4: ProductName: Microsoft® Windows® Operating System
778a0c.2cf4: ProductVersion: 10.0.18362.1110
779a0c.2cf4: FileVersion: 10.0.18362.1110 (WinBuild.160101.0800)
780a0c.2cf4: FileDescription: Windows NT BASE API Client DLL
781a0c.2cf4: \SystemRoot\System32\KernelBase.dll:
782a0c.2cf4: CreationTime: 2020-10-14T15:42:29.628041900Z
783a0c.2cf4: LastWriteTime: 2020-10-14T15:42:29.814934200Z
784a0c.2cf4: ChangeTime: 2020-11-16T21:27:38.634087800Z
785a0c.2cf4: FileAttributes: 0x20
786a0c.2cf4: Size: 0x2a5a88
787a0c.2cf4: NT Headers: 0x100
788a0c.2cf4: Timestamp: 0xa8b891f5
789a0c.2cf4: Machine: 0x8664 - amd64
790a0c.2cf4: Timestamp: 0xa8b891f5
791a0c.2cf4: Image Version: 10.0
792a0c.2cf4: SizeOfImage: 0x2a5000 (2772992)
793a0c.2cf4: Resource Dir: 0x27f000 LB 0x548
794a0c.2cf4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
795a0c.2cf4: [Raw version resource data: 0x27f0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
796a0c.2cf4: ProductName: Microsoft® Windows® Operating System
797a0c.2cf4: ProductVersion: 10.0.18362.1139
798a0c.2cf4: FileVersion: 10.0.18362.1139 (WinBuild.160101.0800)
799a0c.2cf4: FileDescription: Windows NT BASE API Client DLL
800a0c.2cf4: \SystemRoot\System32\apisetschema.dll:
801a0c.2cf4: CreationTime: 2019-03-19T04:43:54.837151500Z
802a0c.2cf4: LastWriteTime: 2019-03-19T04:43:54.837151500Z
803a0c.2cf4: ChangeTime: 2020-11-16T21:27:38.195693000Z
804a0c.2cf4: FileAttributes: 0x20
805a0c.2cf4: Size: 0x1d028
806a0c.2cf4: NT Headers: 0xc8
807a0c.2cf4: Timestamp: 0xd6ced080
808a0c.2cf4: Machine: 0x8664 - amd64
809a0c.2cf4: Timestamp: 0xd6ced080
810a0c.2cf4: Image Version: 10.0
811a0c.2cf4: SizeOfImage: 0x1e000 (122880)
812a0c.2cf4: Resource Dir: 0x1d000 LB 0x408
813a0c.2cf4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
814a0c.2cf4: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
815a0c.2cf4: ProductName: Microsoft® Windows® Operating System
816a0c.2cf4: ProductVersion: 10.0.18362.1
817a0c.2cf4: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
818a0c.2cf4: FileDescription: ApiSet Schema DLL
819a0c.2cf4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
820a0c.2cf4: supR3HardenedWinFindAdversaries: 0x40
821a0c.2cf4: \SystemRoot\System32\drivers\klflt.sys:
822a0c.2cf4: CreationTime: 2020-07-26T21:02:52.601332800Z
823a0c.2cf4: LastWriteTime: 2020-08-12T13:07:54.541171700Z
824a0c.2cf4: ChangeTime: 2020-08-12T13:07:54.541171700Z
825a0c.2cf4: FileAttributes: 0x20
826a0c.2cf4: Size: 0x3d798
827a0c.2cf4: NT Headers: 0x100
828a0c.2cf4: Timestamp: 0x82e91c41
829a0c.2cf4: Machine: 0x8664 - amd64
830a0c.2cf4: Timestamp: 0x82e91c41
831a0c.2cf4: Image Version: 6.1
832a0c.2cf4: SizeOfImage: 0x4a000 (303104)
833a0c.2cf4: Resource Dir: 0x47000 LB 0x418
834a0c.2cf4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
835a0c.2cf4: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
836a0c.2cf4: ProductName: Coretech Delivery
837a0c.2cf4: ProductVersion: 30.437.60.0
838a0c.2cf4: FileVersion: 30.437.60.0
839a0c.2cf4: FileDescription: Filter Core [fre_win7_amd64]
840a0c.2cf4: \SystemRoot\System32\drivers\klif.sys:
841a0c.2cf4: CreationTime: 2020-07-26T21:02:52.712270600Z
842a0c.2cf4: LastWriteTime: 2020-08-12T13:07:54.986919300Z
843a0c.2cf4: ChangeTime: 2020-08-12T13:07:54.986919300Z
844a0c.2cf4: FileAttributes: 0x20
845a0c.2cf4: Size: 0xf3d98
846a0c.2cf4: NT Headers: 0xf8
847a0c.2cf4: Timestamp: 0x5ef8d291
848a0c.2cf4: Machine: 0x8664 - amd64
849a0c.2cf4: Timestamp: 0x5ef8d291
850a0c.2cf4: Image Version: 6.1
851a0c.2cf4: SizeOfImage: 0xf4000 (999424)
852a0c.2cf4: Resource Dir: 0xeb000 LB 0x33f8
853a0c.2cf4: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
854a0c.2cf4: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
855a0c.2cf4: ProductName: Coretech Delivery
856a0c.2cf4: ProductVersion: 30.437.60.0
857a0c.2cf4: FileVersion: 30.437.60.0
858a0c.2cf4: FileDescription: Core System Interceptors [fre_win7_amd64]
859a0c.2cf4: \SystemRoot\System32\drivers\klim6.sys:
860a0c.2cf4: CreationTime: 2019-03-19T10:21:06.000000000Z
861a0c.2cf4: LastWriteTime: 2019-03-19T10:21:06.000000000Z
862a0c.2cf4: ChangeTime: 2020-07-26T21:03:27.978256700Z
863a0c.2cf4: FileAttributes: 0x20
864a0c.2cf4: Size: 0xe350
865a0c.2cf4: NT Headers: 0xe0
866a0c.2cf4: Timestamp: 0x54ad405e
867a0c.2cf4: Machine: 0x8664 - amd64
868a0c.2cf4: Timestamp: 0x54ad405e
869a0c.2cf4: Image Version: 6.1
870a0c.2cf4: SizeOfImage: 0xb000 (45056)
871a0c.2cf4: Resource Dir: 0x9000 LB 0x430
872a0c.2cf4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
873a0c.2cf4: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
874a0c.2cf4: ProductName: Coretech Delivery
875a0c.2cf4: ProductVersion: 30.0.3724.0
876a0c.2cf4: FileVersion: 30.0.3724.0
877a0c.2cf4: FileDescription: Packet Network Filter [fre_win7_amd64]
878a0c.2cf4: \SystemRoot\System32\drivers\klkbdflt.sys:
879a0c.2cf4: CreationTime: 2020-05-21T00:30:30.000000000Z
880a0c.2cf4: LastWriteTime: 2020-05-21T00:30:30.000000000Z
881a0c.2cf4: ChangeTime: 2020-07-26T21:03:27.229869700Z
882a0c.2cf4: FileAttributes: 0x20
883a0c.2cf4: Size: 0x13790
884a0c.2cf4: NT Headers: 0xf8
885a0c.2cf4: Timestamp: 0x6193eeca
886a0c.2cf4: Machine: 0x8664 - amd64
887a0c.2cf4: Timestamp: 0x6193eeca
888a0c.2cf4: Image Version: 6.1
889a0c.2cf4: SizeOfImage: 0x12000 (73728)
890a0c.2cf4: Resource Dir: 0x10000 LB 0x440
891a0c.2cf4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
892a0c.2cf4: [Raw version resource data: 0x10060 LB 0x3dc, codepage 0x0 (reserved 0x0)]
893a0c.2cf4: ProductName: Coretech Delivery
894a0c.2cf4: ProductVersion: 30.256.110.0
895a0c.2cf4: FileVersion: 30.256.110.0
896a0c.2cf4: FileDescription: Keyboard Device Filter [fre_win7_amd64]
897a0c.2cf4: \SystemRoot\System32\drivers\klmouflt.sys:
898a0c.2cf4: CreationTime: 2019-03-18T04:50:34.000000000Z
899a0c.2cf4: LastWriteTime: 2019-03-18T04:50:34.000000000Z
900a0c.2cf4: ChangeTime: 2020-07-26T21:03:26.960532900Z
901a0c.2cf4: FileAttributes: 0x20
902a0c.2cf4: Size: 0xe878
903a0c.2cf4: NT Headers: 0xe8
904a0c.2cf4: Timestamp: 0xab7b625
905a0c.2cf4: Machine: 0x8664 - amd64
906a0c.2cf4: Timestamp: 0xab7b625
907a0c.2cf4: Image Version: 6.1
908a0c.2cf4: SizeOfImage: 0xe000 (57344)
909a0c.2cf4: Resource Dir: 0xc000 LB 0x430
910a0c.2cf4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
911a0c.2cf4: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
912a0c.2cf4: ProductName: Coretech Delivery
913a0c.2cf4: ProductVersion: 30.0.3716.0
914a0c.2cf4: FileVersion: 30.0.3716.0
915a0c.2cf4: FileDescription: Mouse Device Filter [fre_win7_amd64]
916a0c.2cf4: \SystemRoot\System32\drivers\kneps.sys:
917a0c.2cf4: CreationTime: 2020-05-21T00:30:30.000000000Z
918a0c.2cf4: LastWriteTime: 2020-08-12T13:07:55.177832800Z
919a0c.2cf4: ChangeTime: 2020-08-12T13:07:55.177832800Z
920a0c.2cf4: FileAttributes: 0x20
921a0c.2cf4: Size: 0x38f98
922a0c.2cf4: NT Headers: 0x108
923a0c.2cf4: Timestamp: 0x5f4eb836
924a0c.2cf4: Machine: 0x8664 - amd64
925a0c.2cf4: Timestamp: 0x5f4eb836
926a0c.2cf4: Image Version: 6.1
927a0c.2cf4: SizeOfImage: 0x38000 (229376)
928a0c.2cf4: Resource Dir: 0x35000 LB 0x428
929a0c.2cf4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
930a0c.2cf4: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
931a0c.2cf4: ProductName: Coretech Delivery
932a0c.2cf4: ProductVersion: 30.437.53.0
933a0c.2cf4: FileVersion: 30.437.53.0
934a0c.2cf4: FileDescription: Network Processor [fre_win7_amd64]
935a0c.2cf4: \SystemRoot\System32\klfphc.dll:
936a0c.2cf4: CreationTime: 2020-07-26T21:03:25.440937400Z
937a0c.2cf4: LastWriteTime: 2013-05-06T11:13:26.000000000Z
938a0c.2cf4: ChangeTime: 2020-07-26T21:03:02.615376700Z
939a0c.2cf4: FileAttributes: 0x20
940a0c.2cf4: Size: 0x1ae60
941a0c.2cf4: NT Headers: 0xe8
942a0c.2cf4: Timestamp: 0x51873bf2
943a0c.2cf4: Machine: 0x8664 - amd64
944a0c.2cf4: Timestamp: 0x51873bf2
945a0c.2cf4: Image Version: 0.0
946a0c.2cf4: SizeOfImage: 0x1d000 (118784)
947a0c.2cf4: Resource Dir: 0x18000 LB 0x3c80
948a0c.2cf4: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
949a0c.2cf4: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
950a0c.2cf4: ProductName: Kaspersky™ Anti-Virus ®
951a0c.2cf4: ProductVersion: 1.0.0.12
952a0c.2cf4: FileVersion: 1.0.0.12
953a0c.2cf4: FileDescription: Filtering Platform Helper Class
954a0c.2cf4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Programs\VirtualBox'
955a0c.2cf4: Calling main()
956a0c.2cf4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
957a0c.2cf4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Programs\VirtualBox'
958a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
959a0c.2cf4: '\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe' has no imports
960a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe)
961a0c.2cf4: SUPR3HardenedMain: Final process, opening VBoxDrv...
962a0c.2cf4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000c00000 LB 0x400000)
963a0c.2cf4: supR3HardNtEnableThreadCreationEx:
964a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\VBoxSupLib.dll: Signature #1/2: info status: 24202
965a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\VBoxSupLib.dll)
966a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\VBoxSupLib.dll
967a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
968a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
969a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa32900000 LB 0x00005000 D:\Programs\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
970a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
971a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
972a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
973a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa32900000 'D:\Programs\VirtualBox\VBoxSupLib.DLL'
974a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
975a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
976a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa32900000 'D:\Programs\VirtualBox\VBoxSupLib.DLL'
977a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa32900000 'D:\Programs\VirtualBox\VBoxSupLib.DLL'
978a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
979a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
980a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
981a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
982a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
983a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
984a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
985a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
986a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
987a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
988a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
989a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
990a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msasn1.dll'.
991a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
992a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
993a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
994a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
995a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
996a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
997a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
998a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
999a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
1000a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1001a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
1002a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
1003a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1004a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1005a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa36910000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
1006a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1007a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa349e0000 LB 0x00012000 C:\WINDOWS\System32\MSASN1.dll [fFlags=0x0]
1008a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1009a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa34e60000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
1010a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ucrtbase.dll)
1011a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ucrtbase.dll
1012a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa34d10000 LB 0x00149000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
1013a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1014a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa37480000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
1015a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1016a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa34a70000 LB 0x0005c000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
1017a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1018a0c.2cf4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
1019a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1020a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa35840000 'api-ms-win-core-synch-l1-2-0'
1021a0c.2cf4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
1022a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1023a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa35840000 'api-ms-win-core-fibers-l1-1-1'
1024a0c.2cf4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
1025a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1026a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa35840000 'api-ms-win-core-fibers-l1-1-1'
1027a0c.2cf4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
1028a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1029a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa35840000 'api-ms-win-core-synch-l1-2-0'
1030a0c.2cf4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
1031a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1032a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa35840000 'api-ms-win-core-localization-l1-2-1'
1033a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34a70000 'C:\WINDOWS\system32\Wintrust.dll'
1034a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
1035a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
1036a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1037a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa35af0000 LB 0x00026000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
1038a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1039a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa35af0000 'C:\WINDOWS\system32\bcrypt.dll'
1040a0c.2cf4: bcrypt.dll loaded at 00007ffa35af0000, BCryptOpenAlgorithmProvider at 00007ffa35af4c70, preloading providers:
1041a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
1042a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
1043a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1044a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa35b20000 LB 0x00080000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
1045a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1046a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa35b20000 'C:\WINDOWS\system32\bcryptprimitives.dll'
1047a0c.2cf4: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000010fdbd0)
1048a0c.2cf4: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=00000000010ff140)
1049a0c.2cf4: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000010ff440)
1050a0c.2cf4: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000010ff740)
1051a0c.2cf4: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000010ffa40)
1052a0c.2cf4: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=00000000010ffd40)
1053a0c.2cf4: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000001100040)
1054a0c.2cf4: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000001100340)
1055a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa34f60000 LB 0x00017000 C:\WINDOWS\System32\CRYPTSP.dll [fFlags=0x0]
1056a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
1057a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
1058a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
1059a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
1060a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
1061a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
1062a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
1063a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1064a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1065a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1066a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa33d60000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
1067a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1068a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1069a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
1070a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
1071a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
1072a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa343c0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
1073a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
1074a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1075a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
1076a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
1077a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1078a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1079a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa360a0000 'C:\WINDOWS\System32\kernel32.dll'
1080a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1081a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1082a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34a70000 'C:\WINDOWS\System32\WINTRUST.DLL'
1083a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1084a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1085a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\CRYPT32.dll'
1086a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa37860000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
1087a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
1088a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
1089a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
1090a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1091a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1092a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1093a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1094a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1095a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1096a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa37750000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
1097a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
1098a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
1099a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
1100a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1101a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1102a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
1103a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
1104a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa33590000 LB 0x00022000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
1105a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1106a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa349b0000 LB 0x00023000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
1107a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
1108a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
1109a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1110a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
1111a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
1112a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1113a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1114a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1115a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1116a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1117a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1118a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1119a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1120a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1121a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1122a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1123a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1124a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1125a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1126a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1127a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1128a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1129a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa0afb0000 LB 0x0002f000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
1131a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1132a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1133a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1134a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1135a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1136a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1137a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1138a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1139a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1140a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1141a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1142a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1143a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1144a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1145a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1146a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1147a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1148a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1149a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1150a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1151a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1152a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1153a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1154a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1155a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1156a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1157a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1158a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1159a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1160a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\WINDOWS\System32\cryptnet.dll'
1161a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1162a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0afb0000 'C:\Windows\System32\cryptnet.dll'
1163a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa375d0000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
1164a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1165a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
1166a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
1167a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
1168a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1169a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1170a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1171a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1172a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1173a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
1174a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume2\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
1175a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
1176a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1177a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1178a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1179a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1180a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1181a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1182a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1183a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1184a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1185a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000011a0380
1186a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000011a0380
1187a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F0BC8053E84666DD00B73F2861A22FB7C33BA49B
1188a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1189a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1190a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa37480000 'C:\WINDOWS\System32\rpcrt4.dll'
1191a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1192a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000119f900
1193a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119f900
1194a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=C6B2B4CE04D1561A822C7138100DBD6528A46F4B099B8B3D330C5AF2A1140726
1195a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1196a0c.2cf4: g_pfnWinVerifyTrust=00007ffa34a71d30
1197a0c.2cf4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1198a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1199a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1200a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1201a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1202a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1203a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1204a0c.2cf4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
1205a0c.2cf4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1206a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1207a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1208a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1209a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1210a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1211a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1212a0c.2cf4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
1213a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1214a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1215a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1216a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1217a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1218a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1219a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
1220a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000394 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
1221a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000011a0380
1222a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000011a0380
1223a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
1224a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
1225a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000119fa80
1226a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119fa80
1227a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
1228a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1229a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000119f900
1230a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119f900
1231a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=22186588BDA4845FA9E0DBF8BEA457D094106A66CEA15B5F867FB5BDCE35A45C
1232a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
1233a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000119fb40
1234a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119fb40
1235a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=22186588BDA4845FA9E0DBF8BEA457D094106A66CEA15B5F867FB5BDCE35A45C
1236a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1237a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
1238a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
1239a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1240a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1241a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1242a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1243a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
1244a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1245a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1246a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1247a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
1248a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1249a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1250a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1251a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
1252a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1253a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1254a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1255a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
1256a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1257a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1258a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1259a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
1260a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1261a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1262a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1263a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
1264a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1265a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1266a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
1267a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1268a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1269a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1270a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1271a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
1272a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
1273a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1274a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1275a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1276a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
1277a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1278a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1279a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ucrtbase.dll'
1280a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1281a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1282a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
1283a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1284a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1285a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
1286a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1287a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1288a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
1289a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1290a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Programs\VirtualBox\VBoxSupLib.dll'
1291a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1292a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.exe'
1293a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1294a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1295a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
1296a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1297a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1298a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
1299a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\system32\crypt32.dll'
1300a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1301a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1302a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1303a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
1304a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1305a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xc052a853187eb800 CN=Warsaw Personal CA
1306a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1307a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xad7c14a730fcb800 O=AO Kaspersky Lab, CN=Kaspersky Anti-Virus Personal Root Certificate
1308a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
1309a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1310a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
1311a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xa12b07674f1bf600 C=US, O=AffirmTrust, CN=AffirmTrust Commercial
1312a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA
1313a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1314a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1315a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
1316a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
1317a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1318a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1319a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1320a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1321a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1322a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
1323a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
1324a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x1591b8ac8dcabd00 C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
1325a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xcb7d2ba3dd0ff900 C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA
1326a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1327a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1328a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1329a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1330a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1331a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x40e7dd0ea446ba00 C=BR, O=ICP-Brasil, OU=Instituto Nacional de Tecnologia da Informacao - ITI, CN=Autoridade Certificadora Raiz Brasileira v2
1332a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1333a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1334a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x4ef92ac43a0cd500 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
1335a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1336a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xef62113787ebace5 C=US, O=GeoTrust Inc., OU=(c) 2007 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G2
1337a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1338a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1339a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xabd0695c5d11d15e C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority - G2, OU=(c) 1998 VeriSign, Inc. - For authorized use only, OU=VeriSign Trust Network
1340a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1341a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1342a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xc66d30927ebce400 C=US, O=Network Solutions L.L.C., CN=Network Solutions Certificate Authority
1343a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1344a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1345a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1346a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xef477acf4ab2d300 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009
1347a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
1348a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1349a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1350a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1351a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1352a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
1353a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1354a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1355a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
1356a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1357a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign
1358a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
1359a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
1360a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
1361a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1362a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1363a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
1364a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1365a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x39bb496d7f0fc200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Development Root Certificate Authority 2014
1366a0c.2cf4: supR3HardenedWinIsDesiredRootCA: Adding 0x90c7c28610d2ed15 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Development Root Certificate Authority 2018
1367a0c.2cf4: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=67
1368a0c.2cf4: SUPR3HardenedMain: Load Runtime...
1369a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
1370a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1371a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1372a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1373a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1374a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1375a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll) WinVerifyTrust
1376a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1377a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1378a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1379a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1380a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1381a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1382a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
1383a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1384a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1385a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1386a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1387a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1388a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1389a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
1390a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1391a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1392a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1393a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1394a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1395a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll) WinVerifyTrust
1396a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll
1397a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1398a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1399a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
1400a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1401a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1402a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
1403a0c.2cf4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1404a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll)
1405a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll
1406a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1407a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll) WinVerifyTrust
1408a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1409a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1410a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1411a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll
1412a0c.2cf4: supR3HardenedDllNotificationCallback: load 000000005a4e0000 LB 0x000d2000 D:\Programs\VirtualBox\MSVCR100.dll [fFlags=0x0]
1413a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1414a0c.2cf4: supR3HardenedDllNotificationCallback: load 0000000059960000 LB 0x00098000 D:\Programs\VirtualBox\MSVCP100.dll [fFlags=0x0]
1415a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll
1416a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ffa36750000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
1417a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1418a0c.2cf4: supR3HardenedDllNotificationCallback: load 00007ff9f3230000 LB 0x005e1000 D:\Programs\VirtualBox\VBoxRT.dll [fFlags=0x0]
1419a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1420a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1421a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1422a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1423a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1424a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1425a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1426a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1427a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1428a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1429a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1430a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1431a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1432a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1433a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1434a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1435a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1436a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1437a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1438a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1439a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1440a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1441a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1442a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1443a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1444a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1445a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1446a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1447a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1448a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1449a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1450a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1451a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1452a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1453a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1454a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1455a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1456a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1457a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1458a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1459a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1460a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1461a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1462a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1463a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1464a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1465a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1466a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1467a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1468a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1469a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1470a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1471a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1472a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1473a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1474a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1475a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1476a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1477a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1478a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1479a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1480a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1481a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1482a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1483a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1484a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1485a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1486a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1487a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1488a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1489a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1490a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1491a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1492a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1493a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1494a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1495a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1496a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1497a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1498a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1499a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1500a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1501a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1502a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1503a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1504a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1505a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1506a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1507a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1508a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1509a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1510a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1511a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1512a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1513a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1514a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1515a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1516a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1517a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1518a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1519a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1520a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1521a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1522a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1523a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1524a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1525a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1526a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1527a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1528a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1529a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1530a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1531a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1532a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1533a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1534a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1535a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1536a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1537a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1538a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1539a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1540a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1541a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1542a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1543a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1544a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1545a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1546a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1547a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1548a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1549a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1550a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1551a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1552a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1553a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1554a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1555a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1556a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1557a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1558a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1559a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1560a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1561a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1562a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1563a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1564a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1565a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1566a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1567a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1568a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1569a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1570a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1571a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1572a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1573a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1574a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1575a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1576a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1577a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1578a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1579a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1580a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1581a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VBoxRT.dll
1582a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1583a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1584a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1585a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1586a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1587a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1588a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1589a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1590a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1591a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1592a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1593a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1594a0c.2cf4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'.
1595a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rescheduled]
1596a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f3230000 'D:\Programs\VirtualBox\VBoxRT.dll'
1597a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1598a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll'
1599a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1600a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1601a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34a70000 'C:\WINDOWS\system32\Wintrust.dll'
1602a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1603a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1604a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\system32\crypt32.dll'
1605a0c.2cf4: SUPR3HardenedMain: Load TrustedMain...
1606a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
1607a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1608a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1609a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1610a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1611a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1612a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1613a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1614a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1615a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1616a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1617a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1618a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1619a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1620a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1621a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1622a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.dll
1623a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1624a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1625a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
1626a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1627a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1628a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1629a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
1630a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1631a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
1632a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
1633a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1634a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1635a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1636a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1637a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1638a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
1639a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
1640a0c.2cf4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
1641a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1642a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmmbase.dll)
1643a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmmbase.dll
1644a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1645a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1646a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1647a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1648a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1649a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1650a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
1651a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
1652a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) WinVerifyTrust
1653a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1654a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1655a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1656a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1657a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1658a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1659a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1660a0c.2cf4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1661a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1662a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'bcryptprimitives.dll'.
1663a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\combase.dll)
1664a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\combase.dll
1665a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1666a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1667a0c.2cf4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1668a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll)
1669a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
1670a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
1671a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
1672a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
1673a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1674a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1675a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1676a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1677a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
1678a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
1679a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
1680a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
1681a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) WinVerifyTrust
1682a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
1683a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1684a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1685a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1686a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1687a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
1688a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1689a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1690a0c.2cf4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1691a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1692a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1693a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
1694a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
1695a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1696a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1697a0c.2cf4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1698a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
1699a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
1700a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1701a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1702a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1703a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1704a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1705a0c.2cf4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1706a0c.2cf4: '\Device\HarddiskVolume2\Windows\System32\win32u.dll' has no imports
1707a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\win32u.dll)
1708a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\win32u.dll
1709a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1710a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1711a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1712a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1713a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1714a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1715a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1716a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
1717a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1718a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1719a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\user32.dll) WinVerifyTrust
1720a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1721a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1722a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
1723a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1724a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1725a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1726a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1727a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1728a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1729a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1730a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1731a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1732a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1733a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1734a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Programs\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1735a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5OpenGLVBox.dll
1736a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1737a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1738a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
1739a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1740a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1741a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll
1742a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1743a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1744a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
1745a0c.2cf4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll'.
1746a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1747a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1748a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1749a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1750a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1751a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1752a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1753a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1754a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll)
1755a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll
1756a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1757a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1758a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
1759a0c.2cf4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll'.
1760a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1761a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1762a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1763a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1764a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1765a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1766a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1767a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll)
1768a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll
1769a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1770a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1771a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
1772a0c.2cf4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Programs\VirtualBox\Qt5WidgetsVBox.dll'.
1773a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1774a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1775a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1776a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1777a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1778a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1779a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1780a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Programs\VirtualBox\Qt5WidgetsVBox.dll)
1781a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\Qt5WidgetsVBox.dll
1782a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1783a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1784a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll
1785a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1786a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1787a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll
1788a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1789a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1790a0c.2cf4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1791a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
1792a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
1793a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)
1794a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
1795a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1796a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1797a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1798a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1799a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1800a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1801a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1802a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1803a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1804a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1805a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1806a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1807a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1808a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1809a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll
1810a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1811a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1812a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll
1813a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1814a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1815a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1816a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1817a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1818a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1819a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1820a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1821a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1822a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1823a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1824a0c.2cf4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'.
1825a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1826a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1827a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1828a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1829a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
1830a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)
1831a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1832a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1833a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1834a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1835a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1836a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1837a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll
1838a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1839a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1840a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll
1841a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1842a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1843a0c.2cf4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1844a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mpr.dll)
1845a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll
1846a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1847a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1848a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1849a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1850a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1851a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1852a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1853a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1854a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1855a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1856a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1857a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1858a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1859a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1860a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1861a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1862a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1863a0c.2cf4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1864a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1865a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1866a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
1867a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)
1868a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
1869a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1870a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1871a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1872a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1873a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1874a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1875a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1876a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1877a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1878a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1879a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1880a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1881a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1882a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1883a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1884a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1885a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1886a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1887a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1888a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1889a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1890a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1891a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1892a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1893a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1894a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1895a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1896a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1897a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1898a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1899a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1900a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1901a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1902a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1903a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1904a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Programs\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1905a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1906a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1907a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
1908a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1909a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1910a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll
1911a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1912a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1913a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll
1914a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1915a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1916a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1917a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1918a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1919a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1920a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1921a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1922a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1923a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1924a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1925a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1926a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1927a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1928a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1929a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1930a0c.2cf4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll'
1931a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1932a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1933a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
1934a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1935a0c.2cf4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll'
1936a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1937a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1938a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll
1939a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1940a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1941a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\msvcp100.dll
1942a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1943a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1944a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1945a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1946a0c.2cf4: \Device\HarddiskVolume4\Programs\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
1947a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1948a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1949a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1950a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1951a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1952a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1953a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1954a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1955a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1956a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1957a0c.2cf4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1958a0c.2cf4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Programs\VirtualBox\UICommon.dll) WinVerifyTrust
1959a0c.2cf4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Programs\VirtualBox\UICommon.dll
1960a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1961a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1962a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1963a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000044c pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
1964a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000119fa80
1965a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119fa80
1966a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
1967a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
1968a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000011a0380
1969a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000011a0380
1970a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
1971a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1972a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000119fb40
1973a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119fb40
1974a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=6622493BDCECA5422FCE0B921D6626202D89C04B3EFCC5A76BF19A9905D8BD33
1975a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
1976a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000119fa80
1977a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119fa80
1978a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=6622493BDCECA5422FCE0B921D6626202D89C04B3EFCC5A76BF19A9905D8BD33
1979a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1980a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
1981a0c.2cf4: supR3HardenedScreenImage/Imports: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
1982a0c.2cf4: Error (rc=0):
1983a0c.2cf4: supR3HardenedScreenImage/Imports: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2 \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1984a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1985a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1986a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1987a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1988a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1989a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1990a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1991a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1992a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1993a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1994a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1995a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1996a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1997a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [redoing WinVerifyTrust]
1998a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
1999a0c.2cf4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
2000a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2001a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
2002a0c.2cf4: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
2003a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
2004a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
2005a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5WidgetsVBox.dll [redoing WinVerifyTrust]
2006a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
2007a0c.2cf4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Programs\VirtualBox\Qt5WidgetsVBox.dll'
2008a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2009a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2010a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5GuiVBox.dll
2011a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2012a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2013a0c.2cf4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\Qt5CoreVBox.dll
2014a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2015a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2016a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2017a0c.2cf4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Programs\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2018a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Programs\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
2019a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Programs\VirtualBox\VirtualBoxVM.dll
2020a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2021a0c.2cf4: Error (rc=0):
2022a0c.2cf4: supR3HardenedScreenImage/NtCreateSection: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x10 fAccess=0xd cHits=3 \Device\HarddiskVolume2\Windows\System32\opengl32.dll
2023a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'D:\Programs\VirtualBox\VirtualBoxVM.dll'
2024a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003cc pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
2025a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000011a0380
2026a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000011a0380
2027a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
2028a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
2029a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000119f540
2030a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119f540
2031a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
2032a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
2033a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000119fa80
2034a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119fa80
2035a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=41D97903DE3C10BFE43059393A6DD1DB671F42BFA9627D4C98589CCC6ADA69C2
2036a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
2037a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000119f6c0
2038a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000119f6c0
2039a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=41D97903DE3C10BFE43059393A6DD1DB671F42BFA9627D4C98589CCC6ADA69C2
2040a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
2041a0c.2cf4: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
2042a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll'
2043a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
2044a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
2045a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll'
2046a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
2047a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
2048a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
2049a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
2050a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
2051a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll'
2052a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
2053a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
2054a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
2055a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
2056a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
2057a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'
2058a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
2059a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
2060a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\combase.dll'
2061a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa33d60000 'C:\WINDOWS\system32\rsaenh.dll'
2062a0c.2cf4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa34d10000 'C:\WINDOWS\System32\crypt32.dll'
2063a0c.2cf4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'
2064a0c.2cf4: Fatal error:
2065a0c.2cf4: supR3HardenedMainGetTrustedMain: LoadLibrary "D:\Programs\VirtualBox/VirtualBoxVM.dll" failed, rc=1790
20661bcc.2eb8: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 2848 ms, the end);
20671bb0.2dd8: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 3681 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy