VirtualBox

Ticket #20181: VBoxHardening.log

File VBoxHardening.log, 220.6 KB (added by Tim_B, 4 years ago)
Line 
12d88.4da0: Log file opened: 6.1.18r142142 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa04a6200
22d88.4da0: \SystemRoot\System32\ntdll.dll:
32d88.4da0: CreationTime: 2021-02-10T08:58:42.901506300Z
42d88.4da0: LastWriteTime: 2021-02-10T08:58:42.938596800Z
52d88.4da0: ChangeTime: 2021-02-10T09:05:05.536104000Z
62d88.4da0: FileAttributes: 0x20
72d88.4da0: Size: 0x1ee738
82d88.4da0: NT Headers: 0xe8
92d88.4da0: Timestamp: 0x4544b4a1
102d88.4da0: Machine: 0x8664 - amd64
112d88.4da0: Timestamp: 0x4544b4a1
122d88.4da0: Image Version: 10.0
132d88.4da0: SizeOfImage: 0x1f6000 (2056192)
142d88.4da0: Resource Dir: 0x185000 LB 0x6fd28
152d88.4da0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
162d88.4da0: [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)]
172d88.4da0: ProductName: Microsoft® Windows® Operating System
182d88.4da0: ProductVersion: 10.0.19041.804
192d88.4da0: FileVersion: 10.0.19041.804 (WinBuild.160101.0800)
202d88.4da0: FileDescription: NT Layer DLL
212d88.4da0: \SystemRoot\System32\kernel32.dll:
222d88.4da0: CreationTime: 2021-02-10T08:58:25.426714300Z
232d88.4da0: LastWriteTime: 2021-02-10T08:58:25.442671300Z
242d88.4da0: ChangeTime: 2021-02-10T09:04:58.116182100Z
252d88.4da0: FileAttributes: 0x20
262d88.4da0: Size: 0xbac30
272d88.4da0: NT Headers: 0xe8
282d88.4da0: Timestamp: 0xd714134a
292d88.4da0: Machine: 0x8664 - amd64
302d88.4da0: Timestamp: 0xd714134a
312d88.4da0: Image Version: 10.0
322d88.4da0: SizeOfImage: 0xbd000 (774144)
332d88.4da0: Resource Dir: 0xbb000 LB 0x520
342d88.4da0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
352d88.4da0: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
362d88.4da0: ProductName: Microsoft® Windows® Operating System
372d88.4da0: ProductVersion: 10.0.19041.804
382d88.4da0: FileVersion: 10.0.19041.804 (WinBuild.160101.0800)
392d88.4da0: FileDescription: Windows NT BASE API Client DLL
402d88.4da0: \SystemRoot\System32\KernelBase.dll:
412d88.4da0: CreationTime: 2021-02-10T08:58:43.707640700Z
422d88.4da0: LastWriteTime: 2021-02-10T08:58:43.772474700Z
432d88.4da0: ChangeTime: 2021-02-10T09:05:03.762498300Z
442d88.4da0: FileAttributes: 0x20
452d88.4da0: Size: 0x2c9798
462d88.4da0: NT Headers: 0xf0
472d88.4da0: Timestamp: 0xe9c5eae
482d88.4da0: Machine: 0x8664 - amd64
492d88.4da0: Timestamp: 0xe9c5eae
502d88.4da0: Image Version: 10.0
512d88.4da0: SizeOfImage: 0x2c9000 (2920448)
522d88.4da0: Resource Dir: 0x2a0000 LB 0x548
532d88.4da0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
542d88.4da0: [Raw version resource data: 0x2a00b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
552d88.4da0: ProductName: Microsoft® Windows® Operating System
562d88.4da0: ProductVersion: 10.0.19041.804
572d88.4da0: FileVersion: 10.0.19041.804 (WinBuild.160101.0800)
582d88.4da0: FileDescription: Windows NT BASE API Client DLL
592d88.4da0: \SystemRoot\System32\apisetschema.dll:
602d88.4da0: CreationTime: 2019-12-07T09:08:13.518339400Z
612d88.4da0: LastWriteTime: 2019-12-07T09:08:13.518339400Z
622d88.4da0: ChangeTime: 2021-02-10T08:59:44.500161100Z
632d88.4da0: FileAttributes: 0x20
642d88.4da0: Size: 0x1f538
652d88.4da0: NT Headers: 0xd0
662d88.4da0: Timestamp: 0x31288ce0
672d88.4da0: Machine: 0x8664 - amd64
682d88.4da0: Timestamp: 0x31288ce0
692d88.4da0: Image Version: 10.0
702d88.4da0: SizeOfImage: 0x20000 (131072)
712d88.4da0: Resource Dir: 0x1f000 LB 0x408
722d88.4da0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
732d88.4da0: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
742d88.4da0: ProductName: Microsoft® Windows® Operating System
752d88.4da0: ProductVersion: 10.0.19041.1
762d88.4da0: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
772d88.4da0: FileDescription: ApiSet Schema DLL
782d88.4da0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
792d88.4da0: supR3HardenedWinFindAdversaries: 0x0
802d88.4da0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
812d88.4da0: Calling main()
822d88.4da0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
832d88.4da0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
842d88.4da0: SUPR3HardenedMain: Respawn #1
852d88.4da0: System32: \Device\HarddiskVolume3\Windows\System32
862d88.4da0: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
872d88.4da0: KnownDllPath: C:\WINDOWS\System32
882d88.4da0: supR3HardenedWinInit: Performing a limited self purification...
892d88.4da0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
902d88.4da0: *0000000000000000-000000000004ffff 0x0001/0x0000 0x0000000
912d88.4da0: *0000000000050000-000000000005ffff 0x0004/0x0004 0x0040000
922d88.4da0: *0000000000060000-0000000000060fff 0x0002/0x0002 0x0040000
932d88.4da0: 0000000000061000-000000000006ffff 0x0001/0x0000 0x0000000
942d88.4da0: *0000000000070000-000000000008cfff 0x0002/0x0002 0x0040000
952d88.4da0: 000000000008d000-000000000008ffff 0x0001/0x0000 0x0000000
962d88.4da0: *0000000000090000-0000000000148fff 0x0000/0x0004 0x0020000
972d88.4da0: 0000000000149000-000000000014bfff 0x0104/0x0004 0x0020000
982d88.4da0: 000000000014c000-000000000018ffff 0x0004/0x0004 0x0020000
992d88.4da0: *0000000000190000-0000000000193fff 0x0002/0x0002 0x0040000
1002d88.4da0: 0000000000194000-000000000019ffff 0x0001/0x0000 0x0000000
1012d88.4da0: *00000000001a0000-00000000001a1fff 0x0004/0x0004 0x0020000
1022d88.4da0: 00000000001a2000-00000000001affff 0x0001/0x0000 0x0000000
1032d88.4da0: *00000000001b0000-00000000001b0fff 0x0002/0x0002 0x0040000
1042d88.4da0: 00000000001b1000-00000000001bffff 0x0001/0x0000 0x0000000
1052d88.4da0: *00000000001c0000-00000000001c0fff 0x0004/0x0004 0x0020000
1062d88.4da0: 00000000001c1000-00000000001cffff 0x0001/0x0000 0x0000000
1072d88.4da0: *00000000001d0000-00000000001d0fff 0x0002/0x0004 0x0020000
1082d88.4da0: 00000000001d1000-00000000001d1fff 0x0020/0x0004 0x0020000 !!
1092d88.4da0: 00000000001d2000-00000000001dffff 0x0001/0x0000 0x0000000
1102d88.4da0: *00000000001e0000-00000000001e0fff 0x0002/0x0004 0x0020000
1112d88.4da0: 00000000001e1000-00000000001e1fff 0x0020/0x0004 0x0020000 !!
1122d88.4da0: 00000000001e2000-00000000001effff 0x0001/0x0000 0x0000000
1132d88.4da0: *00000000001f0000-00000000001f0fff 0x0004/0x0004 0x0020000
1142d88.4da0: 00000000001f1000-00000000001fffff 0x0001/0x0000 0x0000000
1152d88.4da0: *0000000000200000-0000000000245fff 0x0000/0x0004 0x0020000
1162d88.4da0: 0000000000246000-0000000000248fff 0x0004/0x0004 0x0020000
1172d88.4da0: 0000000000249000-00000000003fffff 0x0000/0x0004 0x0020000
1182d88.4da0: 0000000000400000-000000000040ffff 0x0001/0x0000 0x0000000
1192d88.4da0: *0000000000410000-0000000000415fff 0x0004/0x0004 0x0020000
1202d88.4da0: 0000000000416000-000000000050ffff 0x0000/0x0004 0x0020000
1212d88.4da0: *0000000000510000-00000000005d8fff 0x0002/0x0002 0x0040000
1222d88.4da0: 00000000005d9000-00000000005dffff 0x0001/0x0000 0x0000000
1232d88.4da0: *00000000005e0000-00000000005e1fff 0x0004/0x0004 0x0020000
1242d88.4da0: 00000000005e2000-0000000000611fff 0x0000/0x0004 0x0020000
1252d88.4da0: 0000000000612000-000000000061ffff 0x0001/0x0000 0x0000000
1262d88.4da0: *0000000000620000-0000000000621fff 0x0004/0x0004 0x0020000
1272d88.4da0: 0000000000622000-0000000000651fff 0x0000/0x0004 0x0020000
1282d88.4da0: 0000000000652000-000000000065ffff 0x0001/0x0000 0x0000000
1292d88.4da0: *0000000000660000-0000000000660fff 0x0004/0x0004 0x0020000
1302d88.4da0: 0000000000661000-0000000000691fff 0x0000/0x0004 0x0020000
1312d88.4da0: 0000000000692000-00000000006cffff 0x0001/0x0000 0x0000000
1322d88.4da0: *00000000006d0000-000000000078ffff 0x0004/0x0004 0x0020000
1332d88.4da0: 0000000000790000-000000000079ffff 0x0000/0x0004 0x0020000
1342d88.4da0: *00000000007a0000-00000000007a0fff 0x0004/0x0004 0x0020000
1352d88.4da0: 00000000007a1000-00000000007d1fff 0x0000/0x0004 0x0020000
1362d88.4da0: 00000000007d2000-00000000007dffff 0x0001/0x0000 0x0000000
1372d88.4da0: *00000000007e0000-00000000007e1fff 0x0004/0x0004 0x0020000
1382d88.4da0: 00000000007e2000-0000000000811fff 0x0000/0x0004 0x0020000
1392d88.4da0: 0000000000812000-00000000008dffff 0x0001/0x0000 0x0000000
1402d88.4da0: *00000000008e0000-000000000099ffff 0x0004/0x0004 0x0020000
1412d88.4da0: 00000000009a0000-00000000009affff 0x0000/0x0004 0x0020000
1422d88.4da0: *00000000009b0000-00000000009ccfff 0x0004/0x0004 0x0020000
1432d88.4da0: 00000000009cd000-0000000000aaffff 0x0000/0x0004 0x0020000
1442d88.4da0: 0000000000ab0000-0000000000b2ffff 0x0001/0x0000 0x0000000
1452d88.4da0: *0000000000b30000-0000000000b3efff 0x0004/0x0004 0x0020000
1462d88.4da0: 0000000000b3f000-0000000000b3ffff 0x0000/0x0004 0x0020000
1472d88.4da0: 0000000000b40000-0000000000b9ffff 0x0001/0x0000 0x0000000
1482d88.4da0: *0000000000ba0000-0000000000ba4fff 0x0004/0x0004 0x0020000
1492d88.4da0: 0000000000ba5000-0000000000f9ffff 0x0000/0x0004 0x0020000
1502d88.4da0: 0000000000fa0000-000000000102ffff 0x0001/0x0000 0x0000000
1512d88.4da0: *0000000001030000-0000000001057fff 0x0004/0x0004 0x0020000
1522d88.4da0: 0000000001058000-000000000142ffff 0x0000/0x0004 0x0020000
1532d88.4da0: *0000000001430000-000000000143cfff 0x0000/0x0004 0x0020000
1542d88.4da0: 000000000143d000-0000000001633fff 0x0004/0x0004 0x0020000
1552d88.4da0: 0000000001634000-0000000001634fff 0x0000/0x0004 0x0020000
1562d88.4da0: 0000000001635000-000000007ffdffff 0x0001/0x0000 0x0000000
1572d88.4da0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
1582d88.4da0: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
1592d88.4da0: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
1602d88.4da0: 000000007fff0000-00007ff4096effff 0x0001/0x0000 0x0000000
1612d88.4da0: *00007ff4096f0000-00007ff4096f0fff 0x0004/0x0004 0x0020000
1622d88.4da0: 00007ff4096f1000-00007ff4096fffff 0x0001/0x0000 0x0000000
1632d88.4da0: *00007ff409700000-00007ff40970ffff 0x0002/0x0002 0x0020000
1642d88.4da0: *00007ff409710000-00007ff409710fff 0x0002/0x0002 0x0020000
1652d88.4da0: 00007ff409711000-00007ff409712fff 0x0020/0x0002 0x0020000 !!
1662d88.4da0: 00007ff409713000-00007ff40971ffff 0x0001/0x0000 0x0000000
1672d88.4da0: *00007ff409720000-00007ff409724fff 0x0002/0x0002 0x0040000
1682d88.4da0: 00007ff409725000-00007ff40981ffff 0x0000/0x0002 0x0040000
1692d88.4da0: *00007ff409820000-00007ff50983ffff 0x0000/0x0004 0x0020000
1702d88.4da0: *00007ff509840000-00007ff50b83ffff 0x0000/0x0004 0x0020000
1712d88.4da0: 00007ff50b840000-00007ff50b840fff 0x0004/0x0004 0x0020000
1722d88.4da0: 00007ff50b841000-00007ff50b84ffff 0x0001/0x0000 0x0000000
1732d88.4da0: *00007ff50b850000-00007ff50b850fff 0x0020/0x0004 0x0020000 !!
1742d88.4da0: 00007ff50b851000-00007ff50b85ffff 0x0001/0x0000 0x0000000
1752d88.4da0: *00007ff50b860000-00007ff50b860fff 0x0002/0x0002 0x0040000
1762d88.4da0: 00007ff50b861000-00007ff50b86ffff 0x0001/0x0000 0x0000000
1772d88.4da0: *00007ff50b870000-00007ff50b892fff 0x0002/0x0002 0x0040000
1782d88.4da0: 00007ff50b893000-00007ff6d0f8ffff 0x0001/0x0000 0x0000000
1792d88.4da0: *00007ff6d0f90000-00007ff6d0f90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1802d88.4da0: 00007ff6d0f91000-00007ff6d1007fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1812d88.4da0: 00007ff6d1008000-00007ff6d1008fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1822d88.4da0: 00007ff6d1009000-00007ff6d1051fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1832d88.4da0: 00007ff6d1052000-00007ff6d1054fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1842d88.4da0: 00007ff6d1055000-00007ff6d1057fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1852d88.4da0: 00007ff6d1058000-00007ff6d105afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1862d88.4da0: 00007ff6d105b000-00007ff6d105bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1872d88.4da0: 00007ff6d105c000-00007ff6d105dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1882d88.4da0: 00007ff6d105e000-00007ff6d105efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1892d88.4da0: 00007ff6d105f000-00007ff6d10a7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1902d88.4da0: 00007ff6d10a8000-00007ffd5df6ffff 0x0001/0x0000 0x0000000
1912d88.4da0: *00007ffd5df70000-00007ffd5df70fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll
1922d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5df70000 LB 0x1000 (base 00007ffd5df70000) - 'atcuf64.dll'
1932d88.4da0: 00007ffd5df71000-00007ffd5dfb6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll
1942d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5df71000 LB 0x46000 (base 00007ffd5df70000) - 'atcuf64.dll'
1952d88.4da0: 00007ffd5dfb7000-00007ffd5e03ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll
1962d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5dfb7000 LB 0x89000 (base 00007ffd5df70000) - 'atcuf64.dll'
1972d88.4da0: 00007ffd5e040000-00007ffd5e046fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll
1982d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e040000 LB 0x7000 (base 00007ffd5df70000) - 'atcuf64.dll'
1992d88.4da0: 00007ffd5e047000-00007ffd5e047fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll
2002d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e047000 LB 0x1000 (base 00007ffd5df70000) - 'atcuf64.dll'
2012d88.4da0: 00007ffd5e048000-00007ffd5e04dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll
2022d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e048000 LB 0x6000 (base 00007ffd5df70000) - 'atcuf64.dll'
2032d88.4da0: 00007ffd5e04e000-00007ffd5e051fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll
2042d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e04e000 LB 0x4000 (base 00007ffd5df70000) - 'atcuf64.dll'
2052d88.4da0: 00007ffd5e052000-00007ffd5e05cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\atcuf\265134698549839964\atcuf64.dll
2062d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e052000 LB 0xb000 (base 00007ffd5df70000) - 'atcuf64.dll'
2072d88.4da0: 00007ffd5e05d000-00007ffd5e05ffff 0x0001/0x0000 0x0000000
2082d88.4da0: *00007ffd5e060000-00007ffd5e060fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll
2092d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e060000 LB 0x1000 (base 00007ffd5e060000) - 'bdhkm64.dll'
2102d88.4da0: 00007ffd5e061000-00007ffd5e083fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll
2112d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e061000 LB 0x23000 (base 00007ffd5e060000) - 'bdhkm64.dll'
2122d88.4da0: 00007ffd5e084000-00007ffd5e106fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll
2132d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e084000 LB 0x83000 (base 00007ffd5e060000) - 'bdhkm64.dll'
2142d88.4da0: 00007ffd5e107000-00007ffd5e109fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll
2152d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e107000 LB 0x3000 (base 00007ffd5e060000) - 'bdhkm64.dll'
2162d88.4da0: 00007ffd5e10a000-00007ffd5e10bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll
2172d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e10a000 LB 0x2000 (base 00007ffd5e060000) - 'bdhkm64.dll'
2182d88.4da0: 00007ffd5e10c000-00007ffd5e114fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Bitdefender\Bitdefender Security\bdhkm\265134698965852297\bdhkm64.dll
2192d88.4da0: supHardNtVpScanVirtualMemory: Ignoring unknown mem at 00007ffd5e10c000 LB 0x9000 (base 00007ffd5e060000) - 'bdhkm64.dll'
2202d88.4da0: 00007ffd5e115000-00007ffd8bb9ffff 0x0001/0x0000 0x0000000
2212d88.4da0: *00007ffd8bba0000-00007ffd8bba0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2222d88.4da0: 00007ffd8bba1000-00007ffd8bcb2fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2232d88.4da0: 00007ffd8bcb3000-00007ffd8be2afff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2242d88.4da0: 00007ffd8be2b000-00007ffd8be2efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2252d88.4da0: 00007ffd8be2f000-00007ffd8be2ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2262d88.4da0: 00007ffd8be30000-00007ffd8be68fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
2272d88.4da0: 00007ffd8be69000-00007ffd8d77ffff 0x0001/0x0000 0x0000000
2282d88.4da0: *00007ffd8d780000-00007ffd8d780fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2292d88.4da0: 00007ffd8d781000-00007ffd8d7fefff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2302d88.4da0: 00007ffd8d7ff000-00007ffd8d831fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2312d88.4da0: 00007ffd8d832000-00007ffd8d832fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2322d88.4da0: 00007ffd8d833000-00007ffd8d833fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2332d88.4da0: 00007ffd8d834000-00007ffd8d83cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2342d88.4da0: 00007ffd8d83d000-00007ffd8e42ffff 0x0001/0x0000 0x0000000
2352d88.4da0: *00007ffd8e430000-00007ffd8e430fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2362d88.4da0: 00007ffd8e431000-00007ffd8e54bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2372d88.4da0: 00007ffd8e54c000-00007ffd8e594fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2382d88.4da0: 00007ffd8e595000-00007ffd8e595fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2392d88.4da0: 00007ffd8e596000-00007ffd8e597fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2402d88.4da0: 00007ffd8e598000-00007ffd8e5a0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2412d88.4da0: 00007ffd8e5a1000-00007ffd8e625fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
2422d88.4da0: 00007ffd8e626000-00007ffd8e62ffff 0x0001/0x0000 0x0000000
2432d88.4da0: *00007ffd8e630000-00007ffd8e630fff 0x0020/0x0002 0x0020000 !!
2442d88.4da0: 00007ffd8e631000-00007ffd8e63ffff 0x0002/0x0002 0x0020000
2452d88.4da0: *00007ffd8e640000-00007ffd8e640fff 0x0020/0x0002 0x0020000 !!
2462d88.4da0: 00007ffd8e641000-00007ffd8e64ffff 0x0002/0x0002 0x0020000
2472d88.4da0: 00007ffd8e650000-00007ffffffeffff 0x0001/0x0000 0x0000000
2482d88.4da0: kernel32.dll: timestamp 0xd714134a (rc=VINF_SUCCESS)
2492d88.4da0: kernelbase.dll: timestamp 0xe9c5eae (rc=VINF_SUCCESS)
2502d88.4da0: VirtualBoxVM.exe: timestamp 0x5ff72a09 (rc=VINF_SUCCESS)
2512d88.4da0: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
2522d88.4da0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
2532d88.4da0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
2542d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory:
2552d88.4da0: 00007ffd8e454020 / 0x0024020: 4c != e9
2562d88.4da0: 00007ffd8e454021 / 0x0024021: 89 != 0e
2572d88.4da0: 00007ffd8e454022 / 0x0024022: 4c != c0
2582d88.4da0: 00007ffd8e454023 / 0x0024023: 24 != 1d
2592d88.4da0: 00007ffd8e454024 / 0x0024024: 20 != 00
2602d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e453000
2612d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory:
2622d88.4da0: 00007ffd8e4cc7b0 / 0x009c7b0: 4c != e9
2632d88.4da0: 00007ffd8e4cc7b1 / 0x009c7b1: 8b != a8
2642d88.4da0: 00007ffd8e4cc7b2 / 0x009c7b2: d1 != 41
2652d88.4da0: 00007ffd8e4cc7b3 / 0x009c7b3: b8 != 16
2662d88.4da0: 00007ffd8e4cc7b4 / 0x009c7b4: 0d != 00
2672d88.4da0: 00007ffd8e4cc7b5 / 0x009c7b5: 00 != cc
2682d88.4da0: 00007ffd8e4cc7b6 / 0x009c7b6: 00 != cc
2692d88.4da0: 00007ffd8e4cc7b7 / 0x009c7b7: 00 != cc
2702d88.4da0: 00007ffd8e4cc7f0 / 0x009c7f0: 4c != e9
2712d88.4da0: 00007ffd8e4cc7f1 / 0x009c7f1: 8b != d5
2722d88.4da0: 00007ffd8e4cc7f2 / 0x009c7f2: d1 != 3a
2732d88.4da0: 00007ffd8e4cc7f3 / 0x009c7f3: b8 != 16
2742d88.4da0: 00007ffd8e4cc7f4 / 0x009c7f4: 0f != 00
2752d88.4da0: 00007ffd8e4cc7f5 / 0x009c7f5: 00 != cc
2762d88.4da0: 00007ffd8e4cc7f6 / 0x009c7f6: 00 != cc
2772d88.4da0: 00007ffd8e4cc7f7 / 0x009c7f7: 00 != cc
2782d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e4ca93e
2792d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory:
2802d88.4da0: 00007ffd8e4ccad0 / 0x009cad0: 4c != e9
2812d88.4da0: 00007ffd8e4ccad1 / 0x009cad1: 8b != 26
2822d88.4da0: 00007ffd8e4ccad2 / 0x009cad2: d1 != 3a
2832d88.4da0: 00007ffd8e4ccad3 / 0x009cad3: b8 != 16
2842d88.4da0: 00007ffd8e4ccad4 / 0x009cad4: 26 != 00
2852d88.4da0: 00007ffd8e4ccad5 / 0x009cad5: 00 != cc
2862d88.4da0: 00007ffd8e4ccad6 / 0x009cad6: 00 != cc
2872d88.4da0: 00007ffd8e4ccad7 / 0x009cad7: 00 != cc
2882d88.4da0: 00007ffd8e4ccb10 / 0x009cb10: 4c != e9
2892d88.4da0: 00007ffd8e4ccb11 / 0x009cb11: 8b != 4b
2902d88.4da0: 00007ffd8e4ccb12 / 0x009cb12: d1 != 3b
2912d88.4da0: 00007ffd8e4ccb13 / 0x009cb13: b8 != 16
2922d88.4da0: 00007ffd8e4ccb14 / 0x009cb14: 28 != 00
2932d88.4da0: 00007ffd8e4ccb15 / 0x009cb15: 00 != cc
2942d88.4da0: 00007ffd8e4ccb16 / 0x009cb16: 00 != cc
2952d88.4da0: 00007ffd8e4ccb17 / 0x009cb17: 00 != cc
2962d88.4da0: 00007ffd8e4ccb50 / 0x009cb50: 4c != e9
2972d88.4da0: 00007ffd8e4ccb51 / 0x009cb51: 8b != 3a
2982d88.4da0: 00007ffd8e4ccb52 / 0x009cb52: d1 != 3f
2992d88.4da0: 00007ffd8e4ccb53 / 0x009cb53: b8 != 16
3002d88.4da0: 00007ffd8e4ccb54 / 0x009cb54: 2a != 00
3012d88.4da0: 00007ffd8e4ccb55 / 0x009cb55: 00 != cc
3022d88.4da0: 00007ffd8e4ccb56 / 0x009cb56: 00 != cc
3032d88.4da0: 00007ffd8e4ccb57 / 0x009cb57: 00 != cc
3042d88.4da0: 00007ffd8e4ccb90 / 0x009cb90: 4c != e9
3052d88.4da0: 00007ffd8e4ccb91 / 0x009cb91: 8b != 6b
3062d88.4da0: 00007ffd8e4ccb92 / 0x009cb92: d1 != 34
3072d88.4da0: 00007ffd8e4ccb93 / 0x009cb93: b8 != 16
3082d88.4da0: 00007ffd8e4ccb94 / 0x009cb94: 2c != 00
3092d88.4da0: 00007ffd8e4ccb95 / 0x009cb95: 00 != cc
3102d88.4da0: 00007ffd8e4ccb96 / 0x009cb96: 00 != cc
3112d88.4da0: 00007ffd8e4ccb97 / 0x009cb97: 00 != cc
3122d88.4da0: 00007ffd8e4ccd50 / 0x009cd50: 4c != e9
3132d88.4da0: 00007ffd8e4ccd51 / 0x009cd51: 8b != 0d
3142d88.4da0: 00007ffd8e4ccd52 / 0x009cd52: d1 != 37
3152d88.4da0: 00007ffd8e4ccd53 / 0x009cd53: b8 != 16
3162d88.4da0: 00007ffd8e4ccd54 / 0x009cd54: 3a != 00
3172d88.4da0: 00007ffd8e4ccd55 / 0x009cd55: 00 != cc
3182d88.4da0: 00007ffd8e4ccd56 / 0x009cd56: 00 != cc
3192d88.4da0: 00007ffd8e4ccd57 / 0x009cd57: 00 != cc
3202d88.4da0: 00007ffd8e4ccd90 / 0x009cd90: 4c != e9
3212d88.4da0: 00007ffd8e4ccd91 / 0x009cd91: 8b != cc
3222d88.4da0: 00007ffd8e4ccd92 / 0x009cd92: d1 != 37
3232d88.4da0: 00007ffd8e4ccd93 / 0x009cd93: b8 != 16
3242d88.4da0: 00007ffd8e4ccd94 / 0x009cd94: 3c != 00
3252d88.4da0: 00007ffd8e4ccd95 / 0x009cd95: 00 != cc
3262d88.4da0: 00007ffd8e4ccd96 / 0x009cd96: 00 != cc
3272d88.4da0: 00007ffd8e4ccd97 / 0x009cd97: 00 != cc
3282d88.4da0: 00007ffd8e4cce30 / 0x009ce30: 4c != e9
3292d88.4da0: 00007ffd8e4cce31 / 0x009ce31: 8b != 31
3302d88.4da0: 00007ffd8e4cce32 / 0x009ce32: d1 != 32
3312d88.4da0: 00007ffd8e4cce33 / 0x009ce33: b8 != 16
3322d88.4da0: 00007ffd8e4cce34 / 0x009ce34: 41 != 00
3332d88.4da0: 00007ffd8e4cce35 / 0x009ce35: 00 != cc
3342d88.4da0: 00007ffd8e4cce36 / 0x009ce36: 00 != cc
3352d88.4da0: 00007ffd8e4cce37 / 0x009ce37: 00 != cc
3362d88.4da0: 00007ffd8e4cceb0 / 0x009ceb0: 4c != e9
3372d88.4da0: 00007ffd8e4cceb1 / 0x009ceb1: 8b != 12
3382d88.4da0: 00007ffd8e4cceb2 / 0x009ceb2: d1 != 37
3392d88.4da0: 00007ffd8e4cceb3 / 0x009ceb3: b8 != 16
3402d88.4da0: 00007ffd8e4cceb4 / 0x009ceb4: 45 != 00
3412d88.4da0: 00007ffd8e4cceb5 / 0x009ceb5: 00 != cc
3422d88.4da0: 00007ffd8e4cceb6 / 0x009ceb6: 00 != cc
3432d88.4da0: 00007ffd8e4cceb7 / 0x009ceb7: 00 != cc
3442d88.4da0: 00007ffd8e4ccfb0 / 0x009cfb0: 4c != e9
3452d88.4da0: 00007ffd8e4ccfb1 / 0x009cfb1: 8b != 7b
3462d88.4da0: 00007ffd8e4ccfb2 / 0x009cfb2: d1 != 33
3472d88.4da0: 00007ffd8e4ccfb3 / 0x009cfb3: b8 != 16
3482d88.4da0: 00007ffd8e4ccfb4 / 0x009cfb4: 4d != 00
3492d88.4da0: 00007ffd8e4ccfb5 / 0x009cfb5: 00 != cc
3502d88.4da0: 00007ffd8e4ccfb6 / 0x009cfb6: 00 != cc
3512d88.4da0: 00007ffd8e4ccfb7 / 0x009cfb7: 00 != cc
3522d88.4da0: 00007ffd8e4ccfd0 / 0x009cfd0: 4c != e9
3532d88.4da0: 00007ffd8e4ccfd1 / 0x009cfd1: 8b != 27
3542d88.4da0: 00007ffd8e4ccfd2 / 0x009cfd2: d1 != 34
3552d88.4da0: 00007ffd8e4ccfd3 / 0x009cfd3: b8 != 16
3562d88.4da0: 00007ffd8e4ccfd4 / 0x009cfd4: 4e != 00
3572d88.4da0: 00007ffd8e4ccfd5 / 0x009cfd5: 00 != cc
3582d88.4da0: 00007ffd8e4ccfd6 / 0x009cfd6: 00 != cc
3592d88.4da0: 00007ffd8e4ccfd7 / 0x009cfd7: 00 != cc
3602d88.4da0: 00007ffd8e4cd050 / 0x009d050: 4c != e9
3612d88.4da0: 00007ffd8e4cd051 / 0x009d051: 8b != a0
3622d88.4da0: 00007ffd8e4cd052 / 0x009d052: d1 != 3a
3632d88.4da0: 00007ffd8e4cd053 / 0x009d053: b8 != 16
3642d88.4da0: 00007ffd8e4cd054 / 0x009d054: 52 != 00
3652d88.4da0: 00007ffd8e4cd055 / 0x009d055: 00 != cc
3662d88.4da0: 00007ffd8e4cd056 / 0x009d056: 00 != cc
3672d88.4da0: 00007ffd8e4cd057 / 0x009d057: 00 != cc
3682d88.4da0: 00007ffd8e4cd520 / 0x009d520: 4c != e9
3692d88.4da0: 00007ffd8e4cd521 / 0x009d521: 8b != 6b
3702d88.4da0: 00007ffd8e4cd522 / 0x009d522: d1 != 34
3712d88.4da0: 00007ffd8e4cd523 / 0x009d523: b8 != 16
3722d88.4da0: 00007ffd8e4cd524 / 0x009d524: 79 != 00
3732d88.4da0: 00007ffd8e4cd525 / 0x009d525: 00 != cc
3742d88.4da0: 00007ffd8e4cd526 / 0x009d526: 00 != cc
3752d88.4da0: 00007ffd8e4cd527 / 0x009d527: 00 != cc
3762d88.4da0: 00007ffd8e4cd560 / 0x009d560: 4c != e9
3772d88.4da0: 00007ffd8e4cd561 / 0x009d561: 8b != 5e
3782d88.4da0: 00007ffd8e4cd562 / 0x009d562: d1 != 34
3792d88.4da0: 00007ffd8e4cd563 / 0x009d563: b8 != 16
3802d88.4da0: 00007ffd8e4cd564 / 0x009d564: 7b != 00
3812d88.4da0: 00007ffd8e4cd565 / 0x009d565: 00 != cc
3822d88.4da0: 00007ffd8e4cd566 / 0x009d566: 00 != cc
3832d88.4da0: 00007ffd8e4cd567 / 0x009d567: 00 != cc
3842d88.4da0: 00007ffd8e4cd780 / 0x009d780: 4c != e9
3852d88.4da0: 00007ffd8e4cd781 / 0x009d781: 8b != 71
3862d88.4da0: 00007ffd8e4cd782 / 0x009d782: d1 != 32
3872d88.4da0: 00007ffd8e4cd783 / 0x009d783: b8 != 16
3882d88.4da0: 00007ffd8e4cd784 / 0x009d784: 8c != 00
3892d88.4da0: 00007ffd8e4cd785 / 0x009d785: 00 != cc
3902d88.4da0: 00007ffd8e4cd786 / 0x009d786: 00 != cc
3912d88.4da0: 00007ffd8e4cd787 / 0x009d787: 00 != cc
3922d88.4da0: 00007ffd8e4cdd20 / 0x009dd20: 4c != e9
3932d88.4da0: 00007ffd8e4cdd21 / 0x009dd21: 8b != d8
3942d88.4da0: 00007ffd8e4cdd22 / 0x009dd22: d1 != 25
3952d88.4da0: 00007ffd8e4cdd23 / 0x009dd23: b8 != 16
3962d88.4da0: 00007ffd8e4cdd24 / 0x009dd24: b9 != 00
3972d88.4da0: 00007ffd8e4cdd25 / 0x009dd25: 00 != cc
3982d88.4da0: 00007ffd8e4cdd26 / 0x009dd26: 00 != cc
3992d88.4da0: 00007ffd8e4cdd27 / 0x009dd27: 00 != cc
4002d88.4da0: 00007ffd8e4cde20 / 0x009de20: 4c != e9
4012d88.4da0: 00007ffd8e4cde21 / 0x009de21: 8b != 0a
4022d88.4da0: 00007ffd8e4cde22 / 0x009de22: d1 != 26
4032d88.4da0: 00007ffd8e4cde23 / 0x009de23: b8 != 16
4042d88.4da0: 00007ffd8e4cde24 / 0x009de24: c1 != 00
4052d88.4da0: 00007ffd8e4cde25 / 0x009de25: 00 != cc
4062d88.4da0: 00007ffd8e4cde26 / 0x009de26: 00 != cc
4072d88.4da0: 00007ffd8e4cde27 / 0x009de27: 00 != cc
4082d88.4da0: 00007ffd8e4cdf00 / 0x009df00: 4c != e9
4092d88.4da0: 00007ffd8e4cdf01 / 0x009df01: 8b != 5e
4102d88.4da0: 00007ffd8e4cdf02 / 0x009df02: d1 != 24
4112d88.4da0: 00007ffd8e4cdf03 / 0x009df03: b8 != 16
4122d88.4da0: 00007ffd8e4cdf04 / 0x009df04: c8 != 00
4132d88.4da0: 00007ffd8e4cdf05 / 0x009df05: 00 != cc
4142d88.4da0: 00007ffd8e4cdf06 / 0x009df06: 00 != cc
4152d88.4da0: 00007ffd8e4cdf07 / 0x009df07: 00 != cc
4162d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e4cc93e
4172d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory:
4182d88.4da0: 00007ffd8e4cf200 / 0x009f200: 4c != e9
4192d88.4da0: 00007ffd8e4cf201 / 0x009f201: 8b != 57
4202d88.4da0: 00007ffd8e4cf202 / 0x009f202: d1 != 18
4212d88.4da0: 00007ffd8e4cf203 / 0x009f203: b8 != 16
4222d88.4da0: 00007ffd8e4cf204 / 0x009f204: 60 != 00
4232d88.4da0: 00007ffd8e4cf205 / 0x009f205: 01 != cc
4242d88.4da0: 00007ffd8e4cf206 / 0x009f206: 00 != cc
4252d88.4da0: 00007ffd8e4cf207 / 0x009f207: 00 != cc
4262d88.4da0: 00007ffd8e4cf2e0 / 0x009f2e0: 4c != e9
4272d88.4da0: 00007ffd8e4cf2e1 / 0x009f2e1: 8b != e6
4282d88.4da0: 00007ffd8e4cf2e2 / 0x009f2e2: d1 != 0e
4292d88.4da0: 00007ffd8e4cf2e3 / 0x009f2e3: b8 != 16
4302d88.4da0: 00007ffd8e4cf2e4 / 0x009f2e4: 67 != 00
4312d88.4da0: 00007ffd8e4cf2e5 / 0x009f2e5: 01 != cc
4322d88.4da0: 00007ffd8e4cf2e6 / 0x009f2e6: 00 != cc
4332d88.4da0: 00007ffd8e4cf2e7 / 0x009f2e7: 00 != cc
4342d88.4da0: 00007ffd8e4cf760 / 0x009f760: 4c != e9
4352d88.4da0: 00007ffd8e4cf761 / 0x009f761: 8b != 95
4362d88.4da0: 00007ffd8e4cf762 / 0x009f762: d1 != 0e
4372d88.4da0: 00007ffd8e4cf763 / 0x009f763: b8 != 16
4382d88.4da0: 00007ffd8e4cf764 / 0x009f764: 8b != 00
4392d88.4da0: 00007ffd8e4cf765 / 0x009f765: 01 != cc
4402d88.4da0: 00007ffd8e4cf766 / 0x009f766: 00 != cc
4412d88.4da0: 00007ffd8e4cf767 / 0x009f767: 00 != cc
4422d88.4da0: 00007ffd8e4cfb20 / 0x009fb20: 4c != e9
4432d88.4da0: 00007ffd8e4cfb21 / 0x009fb21: 8b != 04
4442d88.4da0: 00007ffd8e4cfb22 / 0x009fb22: d1 != 0f
4452d88.4da0: 00007ffd8e4cfb23 / 0x009fb23: b8 != 16
4462d88.4da0: 00007ffd8e4cfb24 / 0x009fb24: a9 != 00
4472d88.4da0: 00007ffd8e4cfb25 / 0x009fb25: 01 != cc
4482d88.4da0: 00007ffd8e4cfb26 / 0x009fb26: 00 != cc
4492d88.4da0: 00007ffd8e4cfb27 / 0x009fb27: 00 != cc
4502d88.4da0: Restored 0x19e2 bytes of original file content at 00007ffd8e4ce93e
4512d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory:
4522d88.4da0: 00007ffd8e50c100 / 0x00dc100: 4c != e9
4532d88.4da0: 00007ffd8e50c101 / 0x00dc101: 8b != bd
4542d88.4da0: 00007ffd8e50c102 / 0x00dc102: c2 != 49
4552d88.4da0: 00007ffd8e50c103 / 0x00dc103: 41 != 12
4562d88.4da0: 00007ffd8e50c104 / 0x00dc104: b9 != 00
4572d88.4da0: 00007ffd8e50c106 / 0x00dc106: 02 != cc
4582d88.4da0: 00007ffd8e50c107 / 0x00dc107: 00 != cc
4592d88.4da0: 00007ffd8e50c108 / 0x00dc108: 00 != cc
4602d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e50a48e
4612d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory:
4622d88.4da0: 00007ffd8e50c850 / 0x00dc850: 48 != e9
4632d88.4da0: 00007ffd8e50c851 / 0x00dc851: 8b != a9
4642d88.4da0: 00007ffd8e50c852 / 0x00dc852: c4 != 39
4652d88.4da0: 00007ffd8e50c853 / 0x00dc853: 48 != 12
4662d88.4da0: 00007ffd8e50c854 / 0x00dc854: 89 != 00
4672d88.4da0: 00007ffd8e50c855 / 0x00dc855: 58 != cc
4682d88.4da0: 00007ffd8e50c856 / 0x00dc856: 08 != cc
4692d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e50c48e
4702d88.4da0: kernel32.dll: Differences in section #1 (.text) between file and memory:
4712d88.4da0: 00007ffd8d7a2430 / 0x0022430: 4c != e9
4722d88.4da0: 00007ffd8d7a2431 / 0x0022431: 8b != 62
4732d88.4da0: 00007ffd8d7a2432 / 0x0022432: dc != de
4742d88.4da0: 00007ffd8d7a2433 / 0x0022433: 53 != e8
4752d88.4da0: 00007ffd8d7a2434 / 0x0022434: 56 != 00
4762d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8d7a1000
4772d88.4da0: kernel32.dll: Differences in section #1 (.text) between file and memory:
4782d88.4da0: 00007ffd8d7a6450 / 0x0026450: 89 != e9
4792d88.4da0: 00007ffd8d7a6451 / 0x0026451: 54 != d8
4802d88.4da0: 00007ffd8d7a6452 / 0x0026452: 24 != a1
4812d88.4da0: 00007ffd8d7a6453 / 0x0026453: 10 != e8
4822d88.4da0: 00007ffd8d7a6454 / 0x0026454: 89 != 00
4832d88.4da0: 00007ffd8d7a6455 / 0x0026455: 4c != cc
4842d88.4da0: 00007ffd8d7a6456 / 0x0026456: 24 != cc
4852d88.4da0: 00007ffd8d7a6457 / 0x0026457: 08 != cc
4862d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8d7a5000
4872d88.4da0: kernel32.dll: Differences in section #1 (.text) between file and memory:
4882d88.4da0: 00007ffd8d7e2800 / 0x0062800: 48 != e9
4892d88.4da0: 00007ffd8d7e2801 / 0x0062801: 83 != 27
4902d88.4da0: 00007ffd8d7e2802 / 0x0062802: ec != df
4912d88.4da0: 00007ffd8d7e2803 / 0x0062803: 38 != e4
4922d88.4da0: 00007ffd8d7e2804 / 0x0062804: 48 != 00
4932d88.4da0: 00007ffd8d7e2805 / 0x0062805: 83 != cc
4942d88.4da0: 00007ffd8d7e2806 / 0x0062806: 64 != cc
4952d88.4da0: 00007ffd8d7e2807 / 0x0062807: 24 != cc
4962d88.4da0: 00007ffd8d7e2808 / 0x0062808: 28 != cc
4972d88.4da0: 00007ffd8d7e2809 / 0x0062809: 00 != cc
4982d88.4da0: 00007ffd8d7e2910 / 0x0062910: 48 != e9
4992d88.4da0: 00007ffd8d7e2911 / 0x0062911: 83 != 7d
5002d88.4da0: 00007ffd8d7e2912 / 0x0062912: ec != de
5012d88.4da0: 00007ffd8d7e2913 / 0x0062913: 38 != e4
5022d88.4da0: 00007ffd8d7e2914 / 0x0062914: 48 != 00
5032d88.4da0: 00007ffd8d7e2915 / 0x0062915: 83 != cc
5042d88.4da0: 00007ffd8d7e2916 / 0x0062916: 64 != cc
5052d88.4da0: 00007ffd8d7e2917 / 0x0062917: 24 != cc
5062d88.4da0: 00007ffd8d7e2918 / 0x0062918: 28 != cc
5072d88.4da0: 00007ffd8d7e2919 / 0x0062919: 00 != cc
5082d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8d7e1000
5092d88.4da0: kernel32.dll: Differences in section #1 (.text) between file and memory:
5102d88.4da0: 00007ffd8d7e3bd0 / 0x0063bd0: 48 != e9
5112d88.4da0: 00007ffd8d7e3bd1 / 0x0063bd1: 89 != f1
5122d88.4da0: 00007ffd8d7e3bd2 / 0x0063bd2: 5c != ca
5132d88.4da0: 00007ffd8d7e3bd3 / 0x0063bd3: 24 != e4
5142d88.4da0: 00007ffd8d7e3bd4 / 0x0063bd4: 08 != 00
5152d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8d7e3000
5162d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
5172d88.4da0: 00007ffd8bba3cb0 / 0x0003cb0: 40 != e9
5182d88.4da0: 00007ffd8bba3cb1 / 0x0003cb1: 55 != 44
5192d88.4da0: 00007ffd8bba3cb2 / 0x0003cb2: 53 != ca
5202d88.4da0: 00007ffd8bba3cb3 / 0x0003cb3: 56 != a8
5212d88.4da0: 00007ffd8bba3cb4 / 0x0003cb4: 57 != 02
5222d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bba3000
5232d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
5242d88.4da0: 00007ffd8bba9c70 / 0x0009c70: 48 != e9
5252d88.4da0: 00007ffd8bba9c71 / 0x0009c71: 83 != 23
5262d88.4da0: 00007ffd8bba9c72 / 0x0009c72: ec != 65
5272d88.4da0: 00007ffd8bba9c73 / 0x0009c73: 38 != a8
5282d88.4da0: 00007ffd8bba9c74 / 0x0009c74: b8 != 02
5292d88.4da0: 00007ffd8bba9c75 / 0x0009c75: 03 != cc
5302d88.4da0: 00007ffd8bba9c76 / 0x0009c76: 00 != cc
5312d88.4da0: 00007ffd8bba9c77 / 0x0009c77: 00 != cc
5322d88.4da0: 00007ffd8bba9c78 / 0x0009c78: 00 != cc
5332d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bba9000
5342d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
5352d88.4da0: 00007ffd8bbc2c70 / 0x0022c70: 40 != e9
5362d88.4da0: 00007ffd8bbc2c71 / 0x0022c71: 53 != 1e
5372d88.4da0: 00007ffd8bbc2c72 / 0x0022c72: 48 != da
5382d88.4da0: 00007ffd8bbc2c73 / 0x0022c73: 83 != a6
5392d88.4da0: 00007ffd8bbc2c74 / 0x0022c74: ec != 02
5402d88.4da0: 00007ffd8bbc2c75 / 0x0022c75: 20 != cc
5412d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbc1000
5422d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
5432d88.4da0: 00007ffd8bbca330 / 0x002a330: 40 != e9
5442d88.4da0: 00007ffd8bbca331 / 0x002a331: 55 != c3
5452d88.4da0: 00007ffd8bbca332 / 0x002a332: 53 != 64
5462d88.4da0: 00007ffd8bbca333 / 0x002a333: 56 != a6
5472d88.4da0: 00007ffd8bbca334 / 0x002a334: 57 != 02
5482d88.4da0: 00007ffd8bbca820 / 0x002a820: 4c != e9
5492d88.4da0: 00007ffd8bbca821 / 0x002a821: 8b != 09
5502d88.4da0: 00007ffd8bbca822 / 0x002a822: dc != 5d
5512d88.4da0: 00007ffd8bbca823 / 0x002a823: 48 != a6
5522d88.4da0: 00007ffd8bbca824 / 0x002a824: 83 != 02
5532d88.4da0: 00007ffd8bbca825 / 0x002a825: ec != cc
5542d88.4da0: 00007ffd8bbca826 / 0x002a826: 68 != cc
5552d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbc9000
5562d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
5572d88.4da0: 00007ffd8bbcdad0 / 0x002dad0: 4c != e9
5582d88.4da0: 00007ffd8bbcdad1 / 0x002dad1: 8b != f4
5592d88.4da0: 00007ffd8bbcdad2 / 0x002dad2: dc != 28
5602d88.4da0: 00007ffd8bbcdad3 / 0x002dad3: 53 != a6
5612d88.4da0: 00007ffd8bbcdad4 / 0x002dad4: 56 != 02
5622d88.4da0: 00007ffd8bbce3c0 / 0x002e3c0: 4c != e9
5632d88.4da0: 00007ffd8bbce3c1 / 0x002e3c1: 89 != d0
5642d88.4da0: 00007ffd8bbce3c2 / 0x002e3c2: 4c != 20
5652d88.4da0: 00007ffd8bbce3c3 / 0x002e3c3: 24 != a6
5662d88.4da0: 00007ffd8bbce3c4 / 0x002e3c4: 20 != 02
5672d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbcd000
5682d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
5692d88.4da0: 00007ffd8bbd1d50 / 0x0031d50: 40 != e9
5702d88.4da0: 00007ffd8bbd1d51 / 0x0031d51: 53 != 73
5712d88.4da0: 00007ffd8bbd1d52 / 0x0031d52: 56 != e7
5722d88.4da0: 00007ffd8bbd1d53 / 0x0031d53: 57 != a5
5732d88.4da0: 00007ffd8bbd1d54 / 0x0031d54: 41 != 02
5742d88.4da0: 00007ffd8bbd1d55 / 0x0031d55: 54 != cc
5752d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbd1000
5762d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
5772d88.4da0: 00007ffd8bbe5560 / 0x0045560: 48 != e9
5782d88.4da0: 00007ffd8bbe5561 / 0x0045561: 89 != 2c
5792d88.4da0: 00007ffd8bbe5562 / 0x0045562: 5c != b3
5802d88.4da0: 00007ffd8bbe5563 / 0x0045563: 24 != a4
5812d88.4da0: 00007ffd8bbe5564 / 0x0045564: 18 != 02
5822d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbe5000
5832d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
5842d88.4da0: 00007ffd8bbf1ee0 / 0x0051ee0: 48 != e9
5852d88.4da0: 00007ffd8bbf1ee1 / 0x0051ee1: 83 != e0
5862d88.4da0: 00007ffd8bbf1ee2 / 0x0051ee2: ec != e8
5872d88.4da0: 00007ffd8bbf1ee3 / 0x0051ee3: 38 != a3
5882d88.4da0: 00007ffd8bbf1ee4 / 0x0051ee4: 48 != 02
5892d88.4da0: 00007ffd8bbf1ee5 / 0x0051ee5: 83 != cc
5902d88.4da0: 00007ffd8bbf1ee6 / 0x0051ee6: 64 != cc
5912d88.4da0: 00007ffd8bbf1ee7 / 0x0051ee7: 24 != cc
5922d88.4da0: 00007ffd8bbf1ee8 / 0x0051ee8: 28 != cc
5932d88.4da0: 00007ffd8bbf1ee9 / 0x0051ee9: 00 != cc
5942d88.4da0: 00007ffd8bbf1f10 / 0x0051f10: 48 != e9
5952d88.4da0: 00007ffd8bbf1f11 / 0x0051f11: 83 != 4a
5962d88.4da0: 00007ffd8bbf1f12 / 0x0051f12: ec != e8
5972d88.4da0: 00007ffd8bbf1f13 / 0x0051f13: 38 != a3
5982d88.4da0: 00007ffd8bbf1f14 / 0x0051f14: 48 != 02
5992d88.4da0: 00007ffd8bbf1f15 / 0x0051f15: 83 != cc
6002d88.4da0: 00007ffd8bbf1f16 / 0x0051f16: 64 != cc
6012d88.4da0: 00007ffd8bbf1f17 / 0x0051f17: 24 != cc
6022d88.4da0: 00007ffd8bbf1f18 / 0x0051f18: 28 != cc
6032d88.4da0: 00007ffd8bbf1f19 / 0x0051f19: 00 != cc
6042d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bbf1000
6052d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6062d88.4da0: 00007ffd8bc0af70 / 0x006af70: 40 != e9
6072d88.4da0: 00007ffd8bc0af71 / 0x006af71: 53 != ef
6082d88.4da0: 00007ffd8bc0af72 / 0x006af72: 48 != 52
6092d88.4da0: 00007ffd8bc0af73 / 0x006af73: 83 != a2
6102d88.4da0: 00007ffd8bc0af74 / 0x006af74: ec != 02
6112d88.4da0: 00007ffd8bc0af75 / 0x006af75: 30 != cc
6122d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc09000
6132d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6142d88.4da0: 00007ffd8bc0be50 / 0x006be50: 48 != e9
6152d88.4da0: 00007ffd8bc0be51 / 0x006be51: 89 != 39
6162d88.4da0: 00007ffd8bc0be52 / 0x006be52: 5c != 4d
6172d88.4da0: 00007ffd8bc0be53 / 0x006be53: 24 != a2
6182d88.4da0: 00007ffd8bc0be54 / 0x006be54: 10 != 02
6192d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc0b000
6202d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6212d88.4da0: 00007ffd8bc0e7c0 / 0x006e7c0: 48 != e9
6222d88.4da0: 00007ffd8bc0e7c1 / 0x006e7c1: 89 != 6c
6232d88.4da0: 00007ffd8bc0e7c2 / 0x006e7c2: 5c != 1a
6242d88.4da0: 00007ffd8bc0e7c3 / 0x006e7c3: 24 != a2
6252d88.4da0: 00007ffd8bc0e7c4 / 0x006e7c4: 08 != 02
6262d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc0d000
6272d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6282d88.4da0: 00007ffd8bc130f0 / 0x00730f0: 48 != e9
6292d88.4da0: 00007ffd8bc130f1 / 0x00730f1: 8b != 9f
6302d88.4da0: 00007ffd8bc130f2 / 0x00730f2: c4 != d4
6312d88.4da0: 00007ffd8bc130f3 / 0x00730f3: 48 != a1
6322d88.4da0: 00007ffd8bc130f4 / 0x00730f4: 89 != 02
6332d88.4da0: 00007ffd8bc130f5 / 0x00730f5: 58 != cc
6342d88.4da0: 00007ffd8bc130f6 / 0x00730f6: 08 != cc
6352d88.4da0: 00007ffd8bc14290 / 0x0074290: 89 != e9
6362d88.4da0: 00007ffd8bc14291 / 0x0074291: 4c != c6
6372d88.4da0: 00007ffd8bc14292 / 0x0074292: 24 != c8
6382d88.4da0: 00007ffd8bc14293 / 0x0074293: 08 != a1
6392d88.4da0: 00007ffd8bc14294 / 0x0074294: 48 != 02
6402d88.4da0: 00007ffd8bc14295 / 0x0074295: 83 != cc
6412d88.4da0: 00007ffd8bc14296 / 0x0074296: ec != cc
6422d88.4da0: 00007ffd8bc14297 / 0x0074297: 38 != cc
6432d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc13000
6442d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6452d88.4da0: 00007ffd8bc16210 / 0x0076210: 4c != e9
6462d88.4da0: 00007ffd8bc16211 / 0x0076211: 8b != 16
6472d88.4da0: 00007ffd8bc16212 / 0x0076212: dc != a6
6482d88.4da0: 00007ffd8bc16213 / 0x0076213: 48 != a1
6492d88.4da0: 00007ffd8bc16214 / 0x0076214: 83 != 02
6502d88.4da0: 00007ffd8bc16215 / 0x0076215: ec != cc
6512d88.4da0: 00007ffd8bc16216 / 0x0076216: 68 != cc
6522d88.4da0: 00007ffd8bc164b0 / 0x00764b0: 4c != e9
6532d88.4da0: 00007ffd8bc164b1 / 0x00764b1: 8b != a9
6542d88.4da0: 00007ffd8bc164b2 / 0x00764b2: dc != a3
6552d88.4da0: 00007ffd8bc164b3 / 0x00764b3: 48 != a1
6562d88.4da0: 00007ffd8bc164b4 / 0x00764b4: 83 != 02
6572d88.4da0: 00007ffd8bc164b5 / 0x00764b5: ec != cc
6582d88.4da0: 00007ffd8bc164b6 / 0x00764b6: 68 != cc
6592d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc15000
6602d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6612d88.4da0: 00007ffd8bc17ea0 / 0x0077ea0: 48 != e9
6622d88.4da0: 00007ffd8bc17ea1 / 0x0077ea1: 89 != 1f
6632d88.4da0: 00007ffd8bc17ea2 / 0x0077ea2: 5c != 8a
6642d88.4da0: 00007ffd8bc17ea3 / 0x0077ea3: 24 != a1
6652d88.4da0: 00007ffd8bc17ea4 / 0x0077ea4: 08 != 02
6662d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc17000
6672d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6682d88.4da0: 00007ffd8bc19400 / 0x0079400: 45 != e9
6692d88.4da0: 00007ffd8bc19401 / 0x0079401: 33 != f2
6702d88.4da0: 00007ffd8bc19402 / 0x0079402: c0 != 74
6712d88.4da0: 00007ffd8bc19403 / 0x0079403: 33 != a1
6722d88.4da0: 00007ffd8bc19404 / 0x0079404: d2 != 02
6732d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc19000
6742d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6752d88.4da0: 00007ffd8bc1be70 / 0x007be70: 48 != e9
6762d88.4da0: 00007ffd8bc1be71 / 0x007be71: 89 != b3
6772d88.4da0: 00007ffd8bc1be72 / 0x007be72: 5c != 4c
6782d88.4da0: 00007ffd8bc1be73 / 0x007be73: 24 != a1
6792d88.4da0: 00007ffd8bc1be74 / 0x007be74: 08 != 02
6802d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc1b000
6812d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
6822d88.4da0: 00007ffd8bc9ddb0 / 0x00fddb0: 48 != e9
6832d88.4da0: 00007ffd8bc9ddb1 / 0x00fddb1: 83 != b0
6842d88.4da0: 00007ffd8bc9ddb2 / 0x00fddb2: ec != 23
6852d88.4da0: 00007ffd8bc9ddb3 / 0x00fddb3: 38 != 99
6862d88.4da0: 00007ffd8bc9ddb4 / 0x00fddb4: b8 != 02
6872d88.4da0: 00007ffd8bc9ddb5 / 0x00fddb5: 03 != cc
6882d88.4da0: 00007ffd8bc9ddb6 / 0x00fddb6: 00 != cc
6892d88.4da0: 00007ffd8bc9ddb7 / 0x00fddb7: 00 != cc
6902d88.4da0: 00007ffd8bc9ddb8 / 0x00fddb8: 00 != cc
6912d88.4da0: 00007ffd8bc9dde0 / 0x00fdde0: 48 != e9
6922d88.4da0: 00007ffd8bc9dde1 / 0x00fdde1: 83 != 1a
6932d88.4da0: 00007ffd8bc9dde2 / 0x00fdde2: ec != 23
6942d88.4da0: 00007ffd8bc9dde3 / 0x00fdde3: 38 != 99
6952d88.4da0: 00007ffd8bc9dde4 / 0x00fdde4: 33 != 02
6962d88.4da0: 00007ffd8bc9dde5 / 0x00fdde5: c0 != cc
6972d88.4da0: 00007ffd8bc9de60 / 0x00fde60: 48 != e9
6982d88.4da0: 00007ffd8bc9de61 / 0x00fde61: 83 != cd
6992d88.4da0: 00007ffd8bc9de62 / 0x00fde62: ec != 22
7002d88.4da0: 00007ffd8bc9de63 / 0x00fde63: 38 != 99
7012d88.4da0: 00007ffd8bc9de64 / 0x00fde64: 33 != 02
7022d88.4da0: 00007ffd8bc9de65 / 0x00fde65: c0 != cc
7032d88.4da0: 00007ffd8bc9e2e0 / 0x00fe2e0: 40 != e9
7042d88.4da0: 00007ffd8bc9e2e1 / 0x00fe2e1: 53 != 45
7052d88.4da0: 00007ffd8bc9e2e2 / 0x00fe2e2: 48 != 26
7062d88.4da0: 00007ffd8bc9e2e3 / 0x00fe2e3: 81 != 99
7072d88.4da0: 00007ffd8bc9e2e4 / 0x00fe2e4: ec != 02
7082d88.4da0: 00007ffd8bc9e2e5 / 0x00fe2e5: 90 != cc
7092d88.4da0: 00007ffd8bc9e2e6 / 0x00fe2e6: 00 != cc
7102d88.4da0: 00007ffd8bc9e2e7 / 0x00fe2e7: 00 != cc
7112d88.4da0: 00007ffd8bc9e2e8 / 0x00fe2e8: 00 != cc
7122d88.4da0: 00007ffd8bc9ec90 / 0x00fec90: 40 != e9
7132d88.4da0: 00007ffd8bc9ec91 / 0x00fec91: 53 != 04
7142d88.4da0: 00007ffd8bc9ec92 / 0x00fec92: 48 != 14
7152d88.4da0: 00007ffd8bc9ec93 / 0x00fec93: 83 != 99
7162d88.4da0: 00007ffd8bc9ec94 / 0x00fec94: ec != 02
7172d88.4da0: 00007ffd8bc9ec95 / 0x00fec95: 30 != cc
7182d88.4da0: 00007ffd8bc9eed0 / 0x00feed0: 40 != e9
7192d88.4da0: 00007ffd8bc9eed1 / 0x00feed1: 53 != f7
7202d88.4da0: 00007ffd8bc9eed2 / 0x00feed2: 48 != 11
7212d88.4da0: 00007ffd8bc9eed3 / 0x00feed3: 83 != 99
7222d88.4da0: 00007ffd8bc9eed4 / 0x00feed4: ec != 02
7232d88.4da0: 00007ffd8bc9eed5 / 0x00feed5: 30 != cc
7242d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bc9d000
7252d88.4da0: kernelbase.dll: Differences in section #1 (.text) between file and memory:
7262d88.4da0: 00007ffd8bca6ff0 / 0x0106ff0: 4c != e9
7272d88.4da0: 00007ffd8bca6ff1 / 0x0106ff1: 8b != a1
7282d88.4da0: 00007ffd8bca6ff2 / 0x0106ff2: dc != 93
7292d88.4da0: 00007ffd8bca6ff3 / 0x0106ff3: 48 != 98
7302d88.4da0: 00007ffd8bca6ff4 / 0x0106ff4: 83 != 02
7312d88.4da0: 00007ffd8bca6ff5 / 0x0106ff5: ec != cc
7322d88.4da0: 00007ffd8bca6ff6 / 0x0106ff6: 48 != cc
7332d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8bca5000
7342d88.4da0: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=28
7352d88.4da0: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
7362d88.4da0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
7372d88.4da0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
7382d88.4da0: supR3HardNtEnableThreadCreationEx:
7392d88.4da0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd8e4a4930 pvNtTerminateThread=00007ffd8e4cd070
7402d88.4da0: supR3HardenedWinDoReSpawn(1): New child 2134.3aa8 [kernel32].
7412d88.4da0: supR3HardNtChildGatherData: PebBaseAddress=0000000001185000 cbPeb=0x388
7422d88.4da0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffd8e430000 uNtDllChildAddr=00007ffd8e430000
7432d88.4da0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffd8e4a4930
7442d88.4da0: supR3HardenedWinSetupChildInit: Initial context:
745 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6d0f97900 rdx=0000000001185000
746 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
747 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
748 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
749 rip=00007ffd8e47d220 rsp=00000000012ff938 rbp=0000000000000000 ctxflags=0010001b
750 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
751 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
752 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
753 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
754 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
7552d88.4da0: supR3HardenedWinSetupChildInit: Start child.
7562d88.4da0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
7572d88.4da0: supR3HardNtChildPurify: Startup delay kludge #1/0: 259 ms, 17 sleeps
7582d88.4da0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
7592d88.4da0: *0000000000000000-0000000000efffff 0x0001/0x0000 0x0000000
7602d88.4da0: *0000000000f00000-0000000000f1ffff 0x0004/0x0004 0x0020000
7612d88.4da0: *0000000000f20000-0000000000f3cfff 0x0002/0x0002 0x0040000
7622d88.4da0: 0000000000f3d000-0000000000f3ffff 0x0001/0x0000 0x0000000
7632d88.4da0: *0000000000f40000-0000000000f43fff 0x0002/0x0002 0x0040000
7642d88.4da0: 0000000000f44000-0000000000f4ffff 0x0001/0x0000 0x0000000
7652d88.4da0: *0000000000f50000-0000000000f51fff 0x0004/0x0004 0x0020000
7662d88.4da0: 0000000000f52000-0000000000ffffff 0x0001/0x0000 0x0000000
7672d88.4da0: *0000000001000000-0000000001184fff 0x0000/0x0004 0x0020000
7682d88.4da0: 0000000001185000-0000000001187fff 0x0004/0x0004 0x0020000
7692d88.4da0: 0000000001188000-00000000011fffff 0x0000/0x0004 0x0020000
7702d88.4da0: *0000000001200000-00000000012fafff 0x0000/0x0004 0x0020000
7712d88.4da0: 00000000012fb000-00000000012fdfff 0x0104/0x0004 0x0020000
7722d88.4da0: 00000000012fe000-00000000012fffff 0x0004/0x0004 0x0020000
7732d88.4da0: 0000000001300000-000000007ffdffff 0x0001/0x0000 0x0000000
7742d88.4da0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
7752d88.4da0: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
7762d88.4da0: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
7772d88.4da0: 000000007fff0000-00007ff5f309ffff 0x0001/0x0000 0x0000000
7782d88.4da0: *00007ff5f30a0000-00007ff5f30a0fff 0x0020/0x0004 0x0020000 !!
7792d88.4da0: supHardNtVpFreeOrReplacePrivateExecMemory: Freeing exec mem at 00007ff5f30a0000 (LB 0x1000, 00007ff5f30a0000 LB 0x1000)
7802d88.4da0: 000000000182d090/0000: 16 00 20 00 00 00 00 00-10 00 0a f3 f5 7f 00 00 .. .............
781000000000182d0a0/0010: 61 00 74 00 63 00 75 00-66 00 36 00 34 00 2e 00 a.t.c.u.f.6.4...
782000000000182d0b0/0020: 64 00 6c 00 6c 00 00 00-00 00 00 00 00 00 00 00 d.l.l...........
783000000000182d0c0/0030: 43 00 3a 00 5c 00 50 00-72 00 6f 00 67 00 72 00 C.:.\.P.r.o.g.r.
784000000000182d0d0/0040: 61 00 6d 00 20 00 46 00-69 00 6c 00 65 00 73 00 a.m. .F.i.l.e.s.
785000000000182d0e0/0050: 5c 00 42 00 69 00 74 00-64 00 65 00 66 00 65 00 \.B.i.t.d.e.f.e.
786000000000182d0f0/0060: 6e 00 64 00 65 00 72 00-5c 00 42 00 69 00 74 00 n.d.e.r.\.B.i.t.
787000000000182d100/0070: 64 00 65 00 66 00 65 00-6e 00 64 00 65 00 72 00 d.e.f.e.n.d.e.r.
788000000000182d110/0080: 20 00 53 00 65 00 63 00-75 00 72 00 69 00 74 00 .S.e.c.u.r.i.t.
789000000000182d120/0090: 79 00 5c 00 61 00 74 00-63 00 75 00 66 00 5c 00 y.\.a.t.c.u.f.\.
790000000000182d130/00a0: 32 00 36 00 35 00 31 00-33 00 34 00 36 00 39 00 2.6.5.1.3.4.6.9.
791000000000182d140/00b0: 38 00 35 00 34 00 39 00-38 00 33 00 39 00 39 00 8.5.4.9.8.3.9.9.
792000000000182d150/00c0: 36 00 34 00 5c 00 00 00-00 00 00 00 00 00 00 00 6.4.\...........
793000000000182d160/00d0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
794000000000182d170/00e0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
795000000000182d180/00f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
7962d88.4da0: 000000000182d490/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
797**************** **** <ditto x 2>
798000000000182d4c0/0030: 16 00 20 00 00 00 00 00-40 04 0a f3 f5 7f 00 00 .. .....@.......
799000000000182d4d0/0040: 62 00 64 00 68 00 6b 00-6d 00 36 00 34 00 2e 00 b.d.h.k.m.6.4...
800000000000182d4e0/0050: 64 00 6c 00 6c 00 00 00-00 00 00 00 00 00 00 00 d.l.l...........
801000000000182d4f0/0060: 43 00 3a 00 5c 00 50 00-72 00 6f 00 67 00 72 00 C.:.\.P.r.o.g.r.
802000000000182d500/0070: 61 00 6d 00 20 00 46 00-69 00 6c 00 65 00 73 00 a.m. .F.i.l.e.s.
803000000000182d510/0080: 5c 00 42 00 69 00 74 00-64 00 65 00 66 00 65 00 \.B.i.t.d.e.f.e.
804000000000182d520/0090: 6e 00 64 00 65 00 72 00-5c 00 42 00 69 00 74 00 n.d.e.r.\.B.i.t.
805000000000182d530/00a0: 64 00 65 00 66 00 65 00-6e 00 64 00 65 00 72 00 d.e.f.e.n.d.e.r.
806000000000182d540/00b0: 20 00 53 00 65 00 63 00-75 00 72 00 69 00 74 00 .S.e.c.u.r.i.t.
807000000000182d550/00c0: 79 00 5c 00 62 00 64 00-68 00 6b 00 6d 00 5c 00 y.\.b.d.h.k.m.\.
808000000000182d560/00d0: 32 00 36 00 35 00 31 00-33 00 34 00 36 00 39 00 2.6.5.1.3.4.6.9.
809000000000182d570/00e0: 38 00 39 00 36 00 35 00-38 00 35 00 32 00 32 00 8.9.6.5.8.5.2.2.
810000000000182d580/00f0: 39 00 37 00 5c 00 00 00-00 00 00 00 00 00 00 00 9.7.\...........
8112d88.4da0: 000000000182d890/0000: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
812**************** **** <ditto x 5>
813000000000182d8f0/0060: 60 46 46 8e fd 7f 00 00-10 d0 4c 8e fd 7f 00 00 `FF.......L.....
814000000000182d900/0070: 48 89 5c 24 10 56 57 41-56 48 81 ec d0 00 00 00 H.\$.VWAVH......
815000000000182d910/0080: 48 83 ec 38 56 57 51 52-41 50 41 51 48 83 ec 40 H..8VWQRAPAQH..@
816000000000182d920/0090: 48 b9 ff ff ff ff ff ff-ff ff 48 8b 15 bf ff ff H.........H.....
817000000000182d930/00a0: ff 48 89 54 24 38 48 8d-54 24 38 48 c7 44 24 28 .H.T$8H.T$8H.D$(
818000000000182d940/00b0: 10 00 00 00 4c 8d 44 24-28 49 c7 c1 04 00 00 00 ....L.D$(I......
819000000000182d950/00c0: 48 8d 7c 24 30 48 89 7c-24 20 48 8b 05 97 ff ff H.|$0H.|$ H.....
820000000000182d960/00d0: ff ff d0 85 c0 0f 88 00-01 00 00 48 8d 35 8e ff ...........H.5..
821000000000182d970/00e0: ff ff 48 8b 3d 77 ff ff-ff 48 c7 c1 10 00 00 00 ..H.=w...H......
822000000000182d980/00f0: fc f3 a4 48 b9 ff ff ff-ff ff ff ff ff 48 8b 15 ...H.........H..
8232d88.4da0: 000000000182d990/0000: 5c ff ff ff 48 89 54 24-38 48 8d 54 24 38 48 c7 \...H.T$8H.T$8H.
824000000000182d9a0/0010: 44 24 28 10 00 00 00 4c-8d 44 24 28 4c 8b 4c 24 D$(....L.D$(L.L$
825000000000182d9b0/0020: 30 48 8d 7c 24 30 48 89-7c 24 20 48 8b 05 36 ff 0H.|$0H.|$ H..6.
826000000000182d9c0/0030: ff ff ff d0 85 c0 0f 88-9f 00 00 00 48 83 c4 40 ............H..@
827000000000182d9d0/0040: 41 59 41 58 5a 59 5f 5e-48 8b 05 11 ff ff ff 48 AYAXZY_^H......H
828000000000182d9e0/0050: 83 ec 20 ff d0 48 83 c4-20 85 c0 0f 88 86 00 00 .. ..H.. .......
829000000000182d9f0/0060: 00 65 48 8b 0c 25 60 00-00 00 ba 00 01 00 02 85 .eH..%`.........
830000000000182da00/0070: 91 bc 00 00 00 75 70 48-8d 0d e2 fa ff ff 48 c7 .....upH......H.
831000000000182da10/0080: c2 00 00 00 00 4c 8d 05-a4 fa ff ff 4c 8d 4c 24 .....L......L.L$
832000000000182da20/0090: 20 48 8b 05 c8 fe ff ff-48 83 ec 20 ff d0 48 83 H......H.. ..H.
833000000000182da30/00a0: c4 20 85 c0 74 05 48 31-c0 eb 3c 48 8d 0d 7e f6 . ..t.H1..<H..~.
834000000000182da40/00b0: ff ff 48 c7 c2 00 00 00-00 4c 8d 05 40 f6 ff ff ..H......L..@...
835000000000182da50/00c0: 4c 8d 4c 24 20 48 8b 05-94 fe ff ff 48 83 ec 20 L.L$ H......H..
836000000000182da60/00d0: ff d0 48 83 c4 20 48 31-c0 eb 0c 48 83 c4 40 41 ..H.. H1...H..@A
837000000000182da70/00e0: 59 41 58 5a 59 5f 5e 48-83 c4 38 c3 00 00 00 00 YAXZY_^H..8.....
838000000000182da80/00f0: 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 00 ................
8392d88.4da0: supHardNtVpFreeOrReplacePrivateExecMemory: Free attempt #1 succeeded: 0x0 [00007ff5f30a0000/00007ff5f30a0000 LB 0/0x1000]
8402d88.4da0: supHardNtVpFreeOrReplacePrivateExecMemory: QVM after free 0: [0000000000000000]/00007ff5f30a0000 LB 0x10000 s=0x10000 ap=0x0 rp=0x00000000000001
8412d88.4da0: 00007ff5f30a1000-00007ff5f30affff 0x0001/0x0000 0x0000000
8422d88.4da0: *00007ff5f30b0000-00007ff5f30b0fff 0x0002/0x0002 0x0040000
8432d88.4da0: 00007ff5f30b1000-00007ff5f30bffff 0x0001/0x0000 0x0000000
8442d88.4da0: *00007ff5f30c0000-00007ff5f30e2fff 0x0002/0x0002 0x0040000
8452d88.4da0: 00007ff5f30e3000-00007ff6d0f8ffff 0x0001/0x0000 0x0000000
8462d88.4da0: *00007ff6d0f90000-00007ff6d0f90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8472d88.4da0: 00007ff6d0f91000-00007ff6d1007fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8482d88.4da0: 00007ff6d1008000-00007ff6d1008fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8492d88.4da0: 00007ff6d1009000-00007ff6d1051fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8502d88.4da0: 00007ff6d1052000-00007ff6d1052fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8512d88.4da0: 00007ff6d1053000-00007ff6d1053fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8522d88.4da0: 00007ff6d1054000-00007ff6d1058fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8532d88.4da0: 00007ff6d1059000-00007ff6d1059fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8542d88.4da0: 00007ff6d105a000-00007ff6d105afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8552d88.4da0: 00007ff6d105b000-00007ff6d105efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8562d88.4da0: 00007ff6d105f000-00007ff6d10a7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8572d88.4da0: 00007ff6d10a8000-00007ffd8e42ffff 0x0001/0x0000 0x0000000
8582d88.4da0: *00007ffd8e430000-00007ffd8e430fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
8592d88.4da0: 00007ffd8e431000-00007ffd8e54bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
8602d88.4da0: 00007ffd8e54c000-00007ffd8e594fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
8612d88.4da0: 00007ffd8e595000-00007ffd8e5a0fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
8622d88.4da0: 00007ffd8e5a1000-00007ffd8e5affff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
8632d88.4da0: 00007ffd8e5b0000-00007ffd8e5b0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
8642d88.4da0: 00007ffd8e5b1000-00007ffd8e5b3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
8652d88.4da0: 00007ffd8e5b4000-00007ffd8e625fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
8662d88.4da0: 00007ffd8e626000-00007ffffffeffff 0x0001/0x0000 0x0000000
8672d88.4da0: ntdll.dll: Differences in section #1 (.text) between file and memory:
8682d88.4da0: 00007ffd8e464661 / 0x0034661: 89 != b8
8692d88.4da0: 00007ffd8e464662 / 0x0034662: 5c != 80
8702d88.4da0: 00007ffd8e464663 / 0x0034663: 24 != 08
8712d88.4da0: 00007ffd8e464664 / 0x0034664: 10 != 0a
8722d88.4da0: 00007ffd8e464665 / 0x0034665: 56 != f3
8732d88.4da0: 00007ffd8e464666 / 0x0034666: 57 != f5
8742d88.4da0: 00007ffd8e464667 / 0x0034667: 41 != 7f
8752d88.4da0: 00007ffd8e464668 / 0x0034668: 56 != 00
8762d88.4da0: 00007ffd8e464669 / 0x0034669: 48 != 00
8772d88.4da0: 00007ffd8e46466a / 0x003466a: 81 != ff
8782d88.4da0: 00007ffd8e46466b / 0x003466b: ec != e0
8792d88.4da0: Restored 0x2000 bytes of original file content at 00007ffd8e463000
8802d88.4da0: supR3HardNtChildPurify: cFixes=2 g_fSupAdversaries=0x80000000
8812d88.4da0: supR3HardNtChildPurify: Startup delay kludge #1/1: 521 ms, 33 sleeps
8822d88.4da0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
8832d88.4da0: *0000000000000000-0000000000efffff 0x0001/0x0000 0x0000000
8842d88.4da0: *0000000000f00000-0000000000f1ffff 0x0004/0x0004 0x0020000
8852d88.4da0: *0000000000f20000-0000000000f3cfff 0x0002/0x0002 0x0040000
8862d88.4da0: 0000000000f3d000-0000000000f3ffff 0x0001/0x0000 0x0000000
8872d88.4da0: *0000000000f40000-0000000000f43fff 0x0002/0x0002 0x0040000
8882d88.4da0: 0000000000f44000-0000000000f4ffff 0x0001/0x0000 0x0000000
8892d88.4da0: *0000000000f50000-0000000000f51fff 0x0004/0x0004 0x0020000
8902d88.4da0: 0000000000f52000-0000000000ffffff 0x0001/0x0000 0x0000000
8912d88.4da0: *0000000001000000-0000000001184fff 0x0000/0x0004 0x0020000
8922d88.4da0: 0000000001185000-0000000001187fff 0x0004/0x0004 0x0020000
8932d88.4da0: 0000000001188000-00000000011fffff 0x0000/0x0004 0x0020000
8942d88.4da0: *0000000001200000-00000000012fafff 0x0000/0x0004 0x0020000
8952d88.4da0: 00000000012fb000-00000000012fdfff 0x0104/0x0004 0x0020000
8962d88.4da0: 00000000012fe000-00000000012fffff 0x0004/0x0004 0x0020000
8972d88.4da0: 0000000001300000-000000007ffdffff 0x0001/0x0000 0x0000000
8982d88.4da0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
8992d88.4da0: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
9002d88.4da0: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
9012d88.4da0: 000000007fff0000-00007ff5f30affff 0x0001/0x0000 0x0000000
9022d88.4da0: *00007ff5f30b0000-00007ff5f30b0fff 0x0002/0x0002 0x0040000
9032d88.4da0: 00007ff5f30b1000-00007ff5f30bffff 0x0001/0x0000 0x0000000
9042d88.4da0: *00007ff5f30c0000-00007ff5f30e2fff 0x0002/0x0002 0x0040000
9052d88.4da0: 00007ff5f30e3000-00007ff6d0f8ffff 0x0001/0x0000 0x0000000
9062d88.4da0: *00007ff6d0f90000-00007ff6d0f90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
9072d88.4da0: 00007ff6d0f91000-00007ff6d1007fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
9082d88.4da0: 00007ff6d1008000-00007ff6d1008fff 0x0040/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
9092d88.4da0: 00007ff6d1009000-00007ff6d1051fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
9102d88.4da0: 00007ff6d1052000-00007ff6d105efff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
9112d88.4da0: 00007ff6d105f000-00007ff6d10a7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
9122d88.4da0: 00007ff6d10a8000-00007ffd8e42ffff 0x0001/0x0000 0x0000000
9132d88.4da0: *00007ffd8e430000-00007ffd8e430fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9142d88.4da0: 00007ffd8e431000-00007ffd8e54bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9152d88.4da0: 00007ffd8e54c000-00007ffd8e594fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9162d88.4da0: 00007ffd8e595000-00007ffd8e598fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9172d88.4da0: 00007ffd8e599000-00007ffd8e5a0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9182d88.4da0: 00007ffd8e5a1000-00007ffd8e5affff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9192d88.4da0: 00007ffd8e5b0000-00007ffd8e5b0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9202d88.4da0: 00007ffd8e5b1000-00007ffd8e5b3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9212d88.4da0: 00007ffd8e5b4000-00007ffd8e625fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
9222d88.4da0: 00007ffd8e626000-00007ffffffeffff 0x0001/0x0000 0x0000000
9232d88.4da0: supR3HardNtChildPurify: Done after 797 ms and 2 fixes (loop #1).
9242134.3aa8: Log file opened: 6.1.18r142142 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6200
9252134.3aa8: supR3HardenedVmProcessInit: uNtDllAddr=00007ffd8e430000 g_uNtVerCombined=0xa04a6200 (stack ~00000000012ff3c8)
9262134.3aa8: ntdll.dll: timestamp 0x4544b4a1 (rc=VINF_SUCCESS)
9272134.3aa8: New simple heap: #1 0000000001400000 LB 0x400000 (for 2056192 allocation)
9282d88.4da0: supR3HardNtEnableThreadCreationEx:
9292134.3aa8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
9302134.3aa8: System32: \Device\HarddiskVolume3\Windows\System32
9312134.3aa8: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
9322134.3aa8: KnownDllPath: C:\WINDOWS\System32
9332134.3aa8: supR3HardenedVmProcessInit: Opening vboxdrv stub...
9342134.3aa8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
9352134.3aa8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
9362134.3aa8: Registered Dll notification callback with NTDLL.
9372134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
9382134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
9392134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
9402134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8bba0000 LB 0x002c9000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
9412134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
9422134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
9432134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8d780000 LB 0x000bd000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
9442134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
9452134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d780000 'C:\WINDOWS\System32\KERNEL32.DLL'
9462134.3aa8: supR3HardenedDllNotificationCallback: load 00007ff6d0f90000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
9472134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
9482134.3aa8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
9492134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
9502134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
9512134.3aa8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffd8e4a4930 pvNtTerminateThread=00007ffd8e4cd070
9522d88.4da0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 94 ms.
9532134.3aa8: \SystemRoot\System32\ntdll.dll:
9542134.3aa8: CreationTime: 2021-02-10T08:58:42.901506300Z
9552134.3aa8: LastWriteTime: 2021-02-10T08:58:42.938596800Z
9562134.3aa8: ChangeTime: 2021-02-10T09:05:05.536104000Z
9572134.3aa8: FileAttributes: 0x20
9582134.3aa8: Size: 0x1ee738
9592134.3aa8: NT Headers: 0xe8
9602134.3aa8: Timestamp: 0x4544b4a1
9612134.3aa8: Machine: 0x8664 - amd64
9622134.3aa8: Timestamp: 0x4544b4a1
9632134.3aa8: Image Version: 10.0
9642134.3aa8: SizeOfImage: 0x1f6000 (2056192)
9652134.3aa8: Resource Dir: 0x185000 LB 0x6fd28
9662134.3aa8: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
9672134.3aa8: [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)]
9682134.3aa8: ProductName: Microsoft® Windows® Operating System
9692134.3aa8: ProductVersion: 10.0.19041.804
9702134.3aa8: FileVersion: 10.0.19041.804 (WinBuild.160101.0800)
9712134.3aa8: FileDescription: NT Layer DLL
9722134.3aa8: \SystemRoot\System32\kernel32.dll:
9732134.3aa8: CreationTime: 2021-02-10T08:58:25.426714300Z
9742134.3aa8: LastWriteTime: 2021-02-10T08:58:25.442671300Z
9752134.3aa8: ChangeTime: 2021-02-10T09:04:58.116182100Z
9762134.3aa8: FileAttributes: 0x20
9772134.3aa8: Size: 0xbac30
9782134.3aa8: NT Headers: 0xe8
9792134.3aa8: Timestamp: 0xd714134a
9802134.3aa8: Machine: 0x8664 - amd64
9812134.3aa8: Timestamp: 0xd714134a
9822134.3aa8: Image Version: 10.0
9832134.3aa8: SizeOfImage: 0xbd000 (774144)
9842134.3aa8: Resource Dir: 0xbb000 LB 0x520
9852134.3aa8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
9862134.3aa8: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
9872134.3aa8: ProductName: Microsoft® Windows® Operating System
9882134.3aa8: ProductVersion: 10.0.19041.804
9892134.3aa8: FileVersion: 10.0.19041.804 (WinBuild.160101.0800)
9902134.3aa8: FileDescription: Windows NT BASE API Client DLL
9912134.3aa8: \SystemRoot\System32\KernelBase.dll:
9922134.3aa8: CreationTime: 2021-02-10T08:58:43.707640700Z
9932134.3aa8: LastWriteTime: 2021-02-10T08:58:43.772474700Z
9942134.3aa8: ChangeTime: 2021-02-10T09:05:03.762498300Z
9952134.3aa8: FileAttributes: 0x20
9962134.3aa8: Size: 0x2c9798
9972134.3aa8: NT Headers: 0xf0
9982134.3aa8: Timestamp: 0xe9c5eae
9992134.3aa8: Machine: 0x8664 - amd64
10002134.3aa8: Timestamp: 0xe9c5eae
10012134.3aa8: Image Version: 10.0
10022134.3aa8: SizeOfImage: 0x2c9000 (2920448)
10032134.3aa8: Resource Dir: 0x2a0000 LB 0x548
10042134.3aa8: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
10052134.3aa8: [Raw version resource data: 0x2a00b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
10062134.3aa8: ProductName: Microsoft® Windows® Operating System
10072134.3aa8: ProductVersion: 10.0.19041.804
10082134.3aa8: FileVersion: 10.0.19041.804 (WinBuild.160101.0800)
10092134.3aa8: FileDescription: Windows NT BASE API Client DLL
10102134.3aa8: \SystemRoot\System32\apisetschema.dll:
10112134.3aa8: CreationTime: 2019-12-07T09:08:13.518339400Z
10122134.3aa8: LastWriteTime: 2019-12-07T09:08:13.518339400Z
10132134.3aa8: ChangeTime: 2021-02-10T08:59:44.500161100Z
10142134.3aa8: FileAttributes: 0x20
10152134.3aa8: Size: 0x1f538
10162134.3aa8: NT Headers: 0xd0
10172134.3aa8: Timestamp: 0x31288ce0
10182134.3aa8: Machine: 0x8664 - amd64
10192134.3aa8: Timestamp: 0x31288ce0
10202134.3aa8: Image Version: 10.0
10212134.3aa8: SizeOfImage: 0x20000 (131072)
10222134.3aa8: Resource Dir: 0x1f000 LB 0x408
10232134.3aa8: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
10242134.3aa8: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
10252134.3aa8: ProductName: Microsoft® Windows® Operating System
10262134.3aa8: ProductVersion: 10.0.19041.1
10272134.3aa8: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
10282134.3aa8: FileDescription: ApiSet Schema DLL
10292134.3aa8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
10302134.3aa8: supR3HardenedWinFindAdversaries: 0x0
10312134.3aa8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
10322134.3aa8: Calling main()
10332134.3aa8: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
10342134.3aa8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
10352134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
10362134.3aa8: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
10372134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
10382134.3aa8: SUPR3HardenedMain: Respawn #2
10392134.3aa8: supR3HardNtEnableThreadCreationEx:
10402134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8ca80000 LB 0x0012b000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
10412134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
10422134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
10432134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8cbb0000 LB 0x0009c000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
10442134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
10452134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
10462134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
10472134.3aa8: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
10482134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
10492134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
10502134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10512134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10522134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10532134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10542134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8e430000 'C:\WINDOWS\System32\ntdll.dll'
10552134.3aa8: Error -104 in supR3HardenedWinReSpawn! (enmWhat=5)
10562134.3aa8: Error relaunching VirtualBox VM process: 5
1057Command line: '60eaff78-4bdd-042d-2e72-669728efd737-suplib-3rdchild --comment test2 --startvm 3abffdad-344a-4006-8067-7a840fdce9e3 --no-startvm-errormsgbox "--sup-hardening-log=E:\Virtual Boxes\test2\Logs\VBoxHardening.log"'
10582134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
10592134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
10602134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
10612134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
10622134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
10632134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
10642134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
10652134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
10662134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
10672134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
10682134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
10692134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
10702134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
10712134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
10722134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll)
10732134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
10742134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
10752134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
10762134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
10772134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll)
10782134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
10792134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
10802134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
10812134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
10822134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
10832134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
10842134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll)
10852134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
10862134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
10872134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
10882134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
10892134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #49 'gdi32.dll'.
10902134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'user32.dll'.
10912134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'.
10922134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll)
10932134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
10942134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
10952134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
10962134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
10972134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
10982134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
10992134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
11002134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
11012134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
11022134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
11032134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
11042134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
11052134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
11062134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
11072134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll)
11082134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
11092134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
11102134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
11112134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
11122134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
11132134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
11142134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
11152134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
11162134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
11172134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
11182134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
11192134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
11202134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
11212134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
11222134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
11232134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
11242134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
11252134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
11262134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
11272134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
11282134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
11292134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
11302134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
11312134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
11322134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
11332134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
11342134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
11352134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
11362134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
11372134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
11382134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
11392134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
11402134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
11412134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
11422134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
11432134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
11442134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
11452134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
11462134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
11472134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
11482134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
11492134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)
11502134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
11512134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
11522134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
11532134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
11542134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
11552134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll)
11562134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
11572134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
11582134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
11592134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
11602134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
11612134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
11622134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
11632134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
11642134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll)
11652134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
11662134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
11672134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
11682134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
11692134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
11702134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
11712134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
11722134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
11732134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
11742134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
11752134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
11762134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
11772134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
11782134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
11792134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll)
11802134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
11812134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
11822134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
11832134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11842134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
11852134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
11862134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
11872134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'glu32.dll'.
11882134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
11892134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
11902134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
11912134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
11922134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11932134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
11942134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
11952134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
11962134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
11972134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
11982134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
11992134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
12002134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
12012134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
12022134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12032134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12042134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
12052134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12062134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12072134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12082134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
12092134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
12102134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
12112134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
12122134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12132134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12142134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
12152134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
12162134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12172134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12182134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12192134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
12202134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
12212134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
12222134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12232134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12242134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
12252134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12262134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12272134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
12282134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12292134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12302134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
12312134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
12322134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
12332134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
12342134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
12352134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
12362134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
12372134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
12382134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
12392134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
12402134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12412134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12422134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12432134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
12442134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
12452134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
12462134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
12472134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
12482134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
12492134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll)
12502134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
12512134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12522134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12532134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12542134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
12552134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
12562134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
12572134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12582134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12592134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12602134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12612134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12622134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12632134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12642134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12652134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12662134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
12672134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
12682134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
12692134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
12702134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
12712134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll)
12722134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll
12732134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
12742134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
12752134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
12762134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
12772134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
12782134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
12792134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12802134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12812134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
12822134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
12832134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
12842134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
12852134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #72 'user32.dll'.
12862134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #74 'gdi32.dll'.
12872134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
12882134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
12892134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
12902134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
12912134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
12922134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
12932134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
12942134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
12952134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
12962134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
12972134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
12982134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
12992134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13002134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13012134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13022134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13032134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
13042134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13052134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13062134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13072134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
13082134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
13092134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
13102134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13112134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13122134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
13132134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13142134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13152134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13162134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
13172134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
13182134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
13192134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
13202134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
13212134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
13222134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13232134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13242134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13252134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13262134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13272134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
13282134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13292134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13302134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
13312134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13322134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13332134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13342134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13352134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13362134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
13372134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13382134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13392134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
13402134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13412134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13422134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
13432134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
13442134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
13452134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
13462134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13472134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13482134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13492134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13502134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13512134.3aa8: '\Device\HarddiskVolume3\Windows\System32\win32u.dll' has no imports
13522134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll)
13532134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll
13542134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
13552134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
13562134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
13572134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
13582134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
13592134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13602134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13612134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
13622134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13632134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13642134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13652134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13662134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13672134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
13682134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13692134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13702134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
13712134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
13722134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
13732134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
13742134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
13752134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
13762134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll)
13772134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
13782134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13792134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13802134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
13812134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13822134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13832134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
13842134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13852134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13862134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13872134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13882134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13892134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
13902134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
13912134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
13922134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
13932134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13942134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13952134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
13962134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13972134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13982134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
13992134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
14002134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
14012134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
14022134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14032134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14042134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14052134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
14062134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
14072134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
14082134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14092134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
14102134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
14112134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14122134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14132134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14142134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
14152134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
14162134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14172134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
14182134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [lacks WinVerifyTrust]
14192134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
14202134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll [lacks WinVerifyTrust]
14212134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
14222134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
14232134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
14242134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14252134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
14262134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
14272134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust]
14282134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
14292134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust]
14302134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [lacks WinVerifyTrust]
14312134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c980000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
14322134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
14332134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c5f0000 LB 0x000ac000 C:\WINDOWS\System32\ADVAPI32.dll [fFlags=0x0]
14342134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
14352134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8bb70000 LB 0x00022000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
14362134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
14372134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c1e0000 LB 0x00100000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
14382134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll)
14392134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll
14402134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c3f0000 LB 0x0009d000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
14412134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
14422134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c2e0000 LB 0x0010b000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
14432134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
14442134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
14452134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
14462134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
14472134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll)
14482134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll
14492134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c560000 LB 0x0002a000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
14502134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14512134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8cfe0000 LB 0x001a0000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
14522134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
14532134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8cc50000 LB 0x00356000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
14542134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
14552134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd68750000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
14562134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [lacks WinVerifyTrust]
14572134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd68780000 LB 0x00125000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
14582134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
14592134.3aa8: supR3HardenedDllNotificationCallback: load 000000006a1f0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
14602134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
14612134.3aa8: supR3HardenedDllNotificationCallback: load 0000000069670000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
14622134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll [lacks WinVerifyTrust]
14632134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8d6a0000 LB 0x0006b000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
14642134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
14652134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd2d230000 LB 0x005e1000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
14662134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
14672134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8d920000 LB 0x00742000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
14682134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
14692134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c6a0000 LB 0x0012a000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
14702134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
14712134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd6af20000 LB 0x0001d000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
14722134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [lacks WinVerifyTrust]
14732134.3aa8: supR3HardenedDllNotificationCallback: load 0000000069c80000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
14742134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14752134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd2cc30000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
14762134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
14772134.3aa8: supR3HardenedDllNotificationCallback: load 0000000069710000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
14782134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
14792134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c490000 LB 0x000cd000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
14802134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
14812134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd2d820000 LB 0x02317000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
14822134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll [lacks WinVerifyTrust]
14832134.3aa8: supR3HardenedDllNotificationCallback: load 0000000069460000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
14842134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [lacks WinVerifyTrust]
14852134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd85be0000 LB 0x00027000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
14862134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
14872134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd49ec0000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
14882134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [lacks WinVerifyTrust]
14892134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
14902134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
14912134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-synch-l1-2-0'
14922134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
14932134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
14942134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-fibers-l1-1-1'
14952134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
14962134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
14972134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-fibers-l1-1-1'
14982134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
14992134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15002134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-synch-l1-2-0'
15012134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
15022134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15032134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-localization-l1-2-1'
15042134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
15052134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15062134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15072134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
15082134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15092134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15102134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
15112134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15122134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15132134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15142134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
15152134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
15162134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
15172134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15182134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d780000 'C:\WINDOWS\System32\kernel32.dll'
15192134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
15202134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15212134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-string-l1-1-0'
15222134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
15232134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15242134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-datetime-l1-1-1'
15252134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
15262134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
15272134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-localization-obsolete-l1-2-0'
15282134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
15292134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
15302134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
15312134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
15322134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
15332134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
15342134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
15352134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15362134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15372134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
15382134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
15392134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8cfb0000 LB 0x00030000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
15402134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
15412134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cfb0000 'C:\WINDOWS\system32\IMM32.DLL'
15422134.3aa8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\edgegdi.dll': 0 (NtPath=\??\C:\WINDOWS\System32\edgegdi.dll; Input=edgegdi.dll; rcNtGetDll=0xc0000135
15432134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\edgegdi.dll'
15442134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15452134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15462134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15472134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15482134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15492134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15502134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15512134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15522134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15532134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15542134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15552134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15562134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15572134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15582134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15592134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15602134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15612134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15622134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15632134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15642134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15652134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15662134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15672134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15682134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15692134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15702134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15712134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15722134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15732134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15742134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15752134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15762134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15772134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15782134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15792134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15802134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15812134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15822134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15832134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15842134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15852134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15862134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15872134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15882134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15892134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15902134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15912134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15922134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15932134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15942134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15952134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15962134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15972134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15982134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
15992134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16002134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
16012134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16022134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
16032134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16042134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
16052134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16062134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
16072134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16082134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16092134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
16102134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16112134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
16122134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16132134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll [lacks WinVerifyTrust]
16142134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2d230000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16152134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
16162134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16172134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8c5f0000 'C:\WINDOWS\System32\ADVAPI32.DLL'
16182134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
16192134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
16202134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8b4d0000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.DLL [fFlags=0x0]
16212134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
16222134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8c160000 LB 0x00080000 C:\WINDOWS\System32\bcryptPrimitives.dll [fFlags=0x0]
16232134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
16242134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
16252134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd49ec0000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
16262134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
16272134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
16282134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'wldp.dll'.
16292134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
16302134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
16312134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16322134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wldp.dll)
16332134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wldp.dll
16342134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8b5d0000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\Wldp.dll [fFlags=0x0]
16352134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wldp.dll [lacks WinVerifyTrust]
16362134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd89ab0000 LB 0x00790000 C:\WINDOWS\SYSTEM32\windows.storage.dll [fFlags=0x0]
16372134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll [lacks WinVerifyTrust]
16382134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8e080000 LB 0x000ae000 C:\WINDOWS\System32\SHCORE.dll [fFlags=0x0]
16392134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
16402134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'combase.dll'.
16412134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
16422134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
16432134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8ca20000 LB 0x00055000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
16442134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
16452134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
16462134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
16472134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
16482134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16492134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16502134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16512134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
16522134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
16532134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
16542134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16552134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16562134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16572134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16582134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16592134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
16602134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldp.dll'...
16612134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldp.dll' -> '\Device\HarddiskVolume3\Windows\System32\wldp.dll' [rcNtRedir=0xc0150008]
16622134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wldp.dll [lacks WinVerifyTrust]
16632134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
16642134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
16652134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
16662134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
16672134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
16682134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
16692134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16702134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d780000 'C:\WINDOWS\System32\kernel32.dll'
16712134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
16722134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
16732134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8baa0000 LB 0x00026000 C:\WINDOWS\SYSTEM32\profapi.dll [fFlags=0x0]
16742134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
16752134.3aa8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll: Signature #1/2: info status: 24202
16762134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
16772134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
16782134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
16792134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
16802134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
16812134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
16822134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
16832134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
16842134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
16852134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
16862134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
16872134.3aa8: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll)
16882134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
16892134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16902134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16912134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
16922134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16932134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16942134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
16952134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
16962134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
16972134.3aa8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
16982134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16992134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17002134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
17012134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
17022134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
17032134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
17042134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
17052134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
17062134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
17072134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
17082134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
17092134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
17102134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
17112134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
17122134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
17132134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17142134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17152134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
17162134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
17172134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
17182134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll [lacks WinVerifyTrust]
17192134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17202134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17212134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
17222134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
17232134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust]
17242134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd2cb00000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
17252134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [lacks WinVerifyTrust]
17262134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd2cb00000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
17272134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
17282134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
17292134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
17302134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
17312134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8a490000 LB 0x00012000 C:\WINDOWS\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
17322134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll [lacks WinVerifyTrust]
17332134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
17342134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
17352134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
17362134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll)
17372134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
17382134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17392134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17402134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
17412134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17422134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17432134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
17442134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17452134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17462134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
17472134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
17482134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
17492134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
17502134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
17512134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
17522134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
17532134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17542134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
17552134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd89350000 LB 0x0009e000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
17562134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
17572134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd89350000 'C:\WINDOWS\system32\uxtheme.dll'
17582134.3aa8: \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll: Signature #1/3: VERR_CR_X509_CPV_NO_TRUSTED_PATHS (-23021) w/ timestamp=0x5f3bd8a2/link.
17592134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
17602134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
17612134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll)
17622134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll
17632134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
17642134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
17652134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
17662134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17672134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17682134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
17692134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=c:\program files (x86)\trusteer\rapport\bin\x64\rooksbas_x64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
17702134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll [lacks WinVerifyTrust]
17712134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd52b90000 LB 0x001d0000 c:\program files (x86)\trusteer\rapport\bin\x64\rooksbas_x64.dll [fFlags=0x0]
17722134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll [lacks WinVerifyTrust]
17732134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
17742134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17752134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-synch-l1-2-0'
17762134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
17772134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17782134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-fibers-l1-1-1'
17792134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
17802134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17812134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-synch-l1-2-0'
17822134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
17832134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17842134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-fibers-l1-1-1'
17852134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
17862134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17872134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-localization-l1-2-1'
17882134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-sysinfo-l1-2-1) -> 0x0, fPresent=1
17892134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-sysinfo-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17902134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8bba0000 'api-ms-win-core-sysinfo-l1-2-1'
17912134.3aa8: '\Device\HarddiskVolume3\Windows\System32\tzres.dll' has no imports
17922134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\tzres.dll)
17932134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\tzres.dll
17942134.3aa8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000378 (hFile=0000000000000370) with 0xc0000022 -> STATUS_TRUST_FAILURE
17952134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\tzres.dll [lacks WinVerifyTrust]
17962134.3aa8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000370 (hFile=0000000000000378) with 0xc0000022 -> STATUS_TRUST_FAILURE
17972134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd52b90000 'c:\program files (x86)\trusteer\rapport\bin\x64\rooksbas_x64.dll'
17982134.3220: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
17992134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
18002134.3220: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8ca80000 'C:\WINDOWS\System32\rpcrt4.dll'
18012134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cfe0000 'C:\WINDOWS\system32\user32.dll'
18022134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
18032134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18042134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d920000 'C:\WINDOWS\system32\shell32.dll'
18052134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
18062134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18072134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8e080000 'C:\WINDOWS\system32\SHCore.dll'
18082134.3aa8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
18092134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
18102134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
18112134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18122134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd85be0000 'C:\WINDOWS\system32\winmm.dll'
18132134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll [lacks WinVerifyTrust]
18142134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18152134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd85be0000 'C:\WINDOWS\system32\winmm.dll'
18162134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
18172134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18182134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8d920000 'C:\WINDOWS\system32\shell32.dll'
18192134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll [lacks WinVerifyTrust]
18202134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
18212134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd89350000 'C:\WINDOWS\system32\uxtheme.dll'
18222134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18232134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8c560000 'C:\WINDOWS\system32\gdi32.dll'
18242134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8e270000 LB 0x00115000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
18252134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18262134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'oleaut32.dll'.
18272134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'.
18282134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
18292134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'imm32.dll'.
18302134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
18312134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
18322134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8d5f0000 LB 0x000a9000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
18332134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18342134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
18352134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
18362134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
18372134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18382134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'd3d11.dll'.
18392134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'dcomp.dll'.
18402134.3aa8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll)
18412134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
18422134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
18432134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume3\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
18442134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
18452134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
18462134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dcomp.dll)
18472134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dcomp.dll
18482134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
18492134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume3\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
18502134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18512134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dxgi.dll'.
18522134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'win32u.dll'.
18532134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\d3d11.dll)
18542134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\d3d11.dll
18552134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18562134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18572134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
18582134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
18592134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
18602134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
18612134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18622134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18632134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
18642134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
18652134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
18662134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [lacks WinVerifyTrust]
18672134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18682134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18692134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18702134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18712134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18722134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
18732134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
18742134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
18752134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
18762134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18772134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18782134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
18792134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
18802134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
18812134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
18822134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
18832134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume3\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
18842134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18852134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
18862134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dxgi.dll)
18872134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dxgi.dll
18882134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18892134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18902134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
18912134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
18922134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
18932134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
18942134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
18952134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
18962134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
18972134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
18982134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
18992134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
19002134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19012134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19022134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
19032134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
19042134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll [lacks WinVerifyTrust]
19052134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
19062134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll [lacks WinVerifyTrust]
19072134.3aa8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
19082134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8a5d0000 LB 0x000f3000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
19092134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dxgi.dll [lacks WinVerifyTrust]
19102134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd87890000 LB 0x00264000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
19112134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\d3d11.dll [lacks WinVerifyTrust]
19122134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd88680000 LB 0x001e7000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
19132134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dcomp.dll [lacks WinVerifyTrust]
19142134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd52aa0000 LB 0x0003e000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
19152134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll [lacks WinVerifyTrust]
19162134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
19172134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8c560000 'C:\WINDOWS\System32\gdi32.dll'
19182134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd52aa0000 'C:\WINDOWS\system32\dataexchange.dll'
19192134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
19202134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
19212134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'msvcp_win.dll'.
19222134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
19232134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
19242134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd85fa0000 LB 0x00201000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
19252134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [lacks WinVerifyTrust]
19262134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19272134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmmbase.dll)
19282134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmmbase.dll
19292134.499c: supR3HardenedDllNotificationCallback: load 00007ffd6c2f0000 LB 0x00026000 C:\WINDOWS\SYSTEM32\winmmbase.dll [fFlags=0x0]
19302134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
19312134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19322134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'.
19332134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
19342134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coreuicomponents.dll'.
19352134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'coremessaging.dll'.
19362134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll)
19372134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
19382134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19392134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
19402134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'rpcrt4.dll'.
19412134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'.
19422134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
19432134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll
19442134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
19452134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'ws2_32.dll'.
19462134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll)
19472134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
19482134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntmarta.dll)
19492134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntmarta.dll
19502134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
19512134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
19522134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
19532134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
19542134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
19552134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd8a8b0000 LB 0x00033000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
19562134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntmarta.dll [lacks WinVerifyTrust]
19572134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd88f50000 LB 0x000f2000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
19582134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
19592134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd88520000 LB 0x00154000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
19602134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [lacks WinVerifyTrust]
19612134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd88bf0000 LB 0x0035e000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
19622134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
19632134.3aa8: supR3HardenedDllNotificationCallback: load 00007ffd79df0000 LB 0x000fb000 C:\WINDOWS\SYSTEM32\textinputframework.dll [fFlags=0x0]
19642134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [lacks WinVerifyTrust]
19652134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
19662134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19672134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cfe0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
19682134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
19692134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19702134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cfe0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
19712134.3aa8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
19722134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
19732134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8cc50000 'api-ms-win-core-com-l1-1-0.dll'
19742134.3aa8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll [lacks WinVerifyTrust]
19752134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
19762134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
19772134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
19782134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19792134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19802134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
19812134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
19822134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
19832134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
19842134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
19852134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
19862134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll [lacks WinVerifyTrust]
19872134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19882134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19892134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
19902134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
19912134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume3\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
19922134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll [lacks WinVerifyTrust]
19932134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19942134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19952134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
19962134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
19972134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
19982134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
19992134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20002134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20012134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
20022134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
20032134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
20042134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
20052134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
20062134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume3\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
20072134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
20082134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
20092134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20102134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
20112134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20122134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'.
20132134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
20142134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll)
20152134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
20162134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
20172134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
20182134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
20192134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20202134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20212134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
20222134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20232134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20242134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
20252134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
20262134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
20272134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
20282134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
20292134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
20302134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
20312134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20322134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20332134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
20342134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
20352134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
20362134.3aa8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
20372134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll)
20382134.3aa8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
20392134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
20402134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
20412134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll)
20422134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
20432134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
20442134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
20452134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
20462134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
20472134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
20482134.499c: supR3HardenedDllNotificationCallback: load 00007ffd8c0e0000 LB 0x0004e000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
20492134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
20502134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
20512134.3aa8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
20522134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
20532134.499c: supR3HardenedDllNotificationCallback: load 00007ffd8b910000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
20542134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
20552134.3aa8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
20562134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll [lacks WinVerifyTrust]
20572134.3aa8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
20582134.499c: supR3HardenedDllNotificationCallback: load 00007ffd83860000 LB 0x00085000 C:\WINDOWS\SYSTEM32\MMDevAPI.DLL [fFlags=0x0]
20592134.3aa8: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
20602134.3aa8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd8e270000 'C:\WINDOWS\System32\MSCTF.dll'
20612134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
20622134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20632134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
20642134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ksuser.dll'.
20652134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'avrt.dll'.
20662134.499c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\wdmaud.drv)
20672134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wdmaud.drv
20682134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
20692134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
20702134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\avrt.dll)
20712134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\avrt.dll
20722134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
20732134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume3\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
20742134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20752134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ksuser.dll)
20762134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ksuser.dll
20772134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
20782134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
20792134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
20802134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20812134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20822134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
20832134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
20842134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
20852134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
20862134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
20872134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
20882134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
20892134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust]
20902134.499c: supR3HardenedDllNotificationCallback: load 00007ffd824d0000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
20912134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ksuser.dll [lacks WinVerifyTrust]
20922134.499c: supR3HardenedDllNotificationCallback: load 00007ffd85570000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
20932134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\avrt.dll [lacks WinVerifyTrust]
20942134.499c: supR3HardenedDllNotificationCallback: load 00007ffd74d60000 LB 0x00046000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
20952134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
20962134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv'
20972134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
20982134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
20992134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv'
21002134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
21012134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21022134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd83860000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
21032134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
21042134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21052134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv'
21062134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
21072134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21082134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv'
21092134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
21102134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21112134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv'
21122134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
21132134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
21142134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
21152134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'.
21162134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\AudioSes.dll)
21172134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\AudioSes.dll
21182134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
21192134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
21202134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
21212134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21222134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
21232134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll [lacks WinVerifyTrust]
21242134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21252134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21262134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
21272134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
21282134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
21292134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
21302134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21312134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
21322134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
21332134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\powrprof.dll)
21342134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\powrprof.dll
21352134.499c: supR3HardenedDllNotificationCallback: load 00007ffd8b580000 LB 0x0004b000 C:\WINDOWS\SYSTEM32\powrprof.dll [fFlags=0x0]
21362134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\powrprof.dll [lacks WinVerifyTrust]
21372134.499c: supR3HardenedDllNotificationCallback: load 00007ffd83920000 LB 0x00185000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
21382134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\AudioSes.dll [lacks WinVerifyTrust]
21392134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\umpdc.dll)
21402134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\umpdc.dll
21412134.499c: supR3HardenedDllNotificationCallback: load 00007ffd8b560000 LB 0x00012000 C:\WINDOWS\SYSTEM32\UMPDC.dll [fFlags=0x0]
21422134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\umpdc.dll [lacks WinVerifyTrust]
21432134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd83920000 'C:\WINDOWS\System32\AUDIOSES.DLL'
21442134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
21452134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21462134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21472134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
21482134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21492134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv'
21502134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
21512134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21522134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv'
21532134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\wdmaud.drv [lacks WinVerifyTrust]
21542134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd74d60000 'C:\WINDOWS\System32\wdmaud.drv'
21552134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21562134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
21572134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
21582134.499c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\msacm32.drv)
21592134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.drv
21602134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
21612134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
21622134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
21632134.499c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msacm32.dll)
21642134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msacm32.dll
21652134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
21662134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
21672134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
21682134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21692134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21702134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
21712134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21722134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21732134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
21742134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21752134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
21762134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
21772134.499c: supR3HardenedDllNotificationCallback: load 00007ffd7a330000 LB 0x0001e000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
21782134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msacm32.dll [lacks WinVerifyTrust]
21792134.499c: supR3HardenedDllNotificationCallback: load 00007ffd7a590000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
21802134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
21812134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
21822134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
21832134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21842134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
21852134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
21862134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21872134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
21882134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
21892134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21902134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
21912134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
21922134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21932134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
21942134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
21952134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21962134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
21972134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
21982134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
21992134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
22002134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
22012134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
22022134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
22032134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
22042134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\msacm32.drv [lacks WinVerifyTrust]
22052134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a590000 'C:\WINDOWS\System32\msacm32.drv'
22062134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22072134.499c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
22082134.499c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\midimap.dll)
22092134.499c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\midimap.dll
22102134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
22112134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
22122134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmmbase.dll [lacks WinVerifyTrust]
22132134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22142134.499c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22152134.499c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
22162134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
22172134.499c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
22182134.499c: supR3HardenedDllNotificationCallback: load 00007ffd7a1c0000 LB 0x0000b000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
22192134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
22202134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a1c0000 'C:\WINDOWS\System32\midimap.dll'
22212134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
22222134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
22232134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a1c0000 'C:\WINDOWS\System32\midimap.dll'
22242134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
22252134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
22262134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a1c0000 'C:\WINDOWS\System32\midimap.dll'
22272134.499c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\midimap.dll [lacks WinVerifyTrust]
22282134.499c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
22292134.499c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd7a1c0000 'C:\WINDOWS\System32\midimap.dll'
22302134.160c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll [lacks WinVerifyTrust]
22312134.160c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
22322134.160c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffd83860000 'C:\WINDOWS\System32\MMDevApi.dll'
22332d88.4da0: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 63160 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy