VirtualBox

Ticket #20957: VBoxHardening.log

File VBoxHardening.log, 431.8 KB (added by frg, 2 years ago)

Vbox hardening log

Line 
11974.528: Log file opened: 6.1.35r151573 g_hStartupLog=0000000000000070 g_uNtVerCombined=0xa0456300
21974.528: \SystemRoot\System32\ntdll.dll:
31974.528: CreationTime: 2022-04-24T00:09:30.631376900Z
41974.528: LastWriteTime: 2022-04-24T00:09:30.678196300Z
51974.528: ChangeTime: 2022-05-10T17:22:06.203691800Z
61974.528: FileAttributes: 0x20
71974.528: Size: 0x1e7028
81974.528: NT Headers: 0xe0
91974.528: Timestamp: 0x5eb1f55d
101974.528: Machine: 0x8664 - amd64
111974.528: Timestamp: 0x5eb1f55d
121974.528: Image Version: 10.0
131974.528: SizeOfImage: 0x1ed000 (2019328)
141974.528: Resource Dir: 0x17d000 LB 0x6eda8
151974.528: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
161974.528: [Raw version resource data: 0x17d0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
171974.528: ProductName: Microsoft® Windows® Operating System
181974.528: ProductVersion: 10.0.17763.2867
191974.528: FileVersion: 10.0.17763.2867 (WinBuild.160101.0800)
201974.528: FileDescription: NT Layer DLL
211974.528: \SystemRoot\System32\kernel32.dll:
221974.528: CreationTime: 2022-05-10T17:21:34.761523800Z
231974.528: LastWriteTime: 2022-05-10T17:21:34.778130300Z
241974.528: ChangeTime: 2022-05-10T22:01:03.592281400Z
251974.528: FileAttributes: 0x20
261974.528: Size: 0xb18d8
271974.528: NT Headers: 0xe8
281974.528: Timestamp: 0xf1de1d80
291974.528: Machine: 0x8664 - amd64
301974.528: Timestamp: 0xf1de1d80
311974.528: Image Version: 10.0
321974.528: SizeOfImage: 0xb3000 (733184)
331974.528: Resource Dir: 0xb1000 LB 0x520
341974.528: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
351974.528: [Raw version resource data: 0xb10b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
361974.528: ProductName: Microsoft® Windows® Operating System
371974.528: ProductVersion: 10.0.17763.2928
381974.528: FileVersion: 10.0.17763.2928 (WinBuild.160101.0800)
391974.528: FileDescription: Windows NT BASE API Client DLL
401974.528: \SystemRoot\System32\KernelBase.dll:
411974.528: CreationTime: 2022-05-10T17:21:43.816684100Z
421974.528: LastWriteTime: 2022-05-10T17:21:43.882062400Z
431974.528: ChangeTime: 2022-05-10T22:01:02.636433500Z
441974.528: FileAttributes: 0x20
451974.528: Size: 0x295240
461974.528: NT Headers: 0x100
471974.528: Timestamp: 0xb94797c5
481974.528: Machine: 0x8664 - amd64
491974.528: Timestamp: 0xb94797c5
501974.528: Image Version: 10.0
511974.528: SizeOfImage: 0x294000 (2703360)
521974.528: Resource Dir: 0x270000 LB 0x548
531974.528: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
541974.528: [Raw version resource data: 0x2700b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
551974.528: ProductName: Microsoft® Windows® Operating System
561974.528: ProductVersion: 10.0.17763.2928
571974.528: FileVersion: 10.0.17763.2928 (WinBuild.160101.0800)
581974.528: FileDescription: Windows NT BASE API Client DLL
591974.528: \SystemRoot\System32\apisetschema.dll:
601974.528: CreationTime: 2021-08-14T00:42:20.476360200Z
611974.528: LastWriteTime: 2021-08-14T00:42:20.476360200Z
621974.528: ChangeTime: 2022-05-10T17:22:06.006661800Z
631974.528: FileAttributes: 0x20
641974.528: Size: 0x1c550
651974.528: NT Headers: 0xd0
661974.528: Timestamp: 0x1e9fec4b
671974.528: Machine: 0x8664 - amd64
681974.528: Timestamp: 0x1e9fec4b
691974.528: Image Version: 10.0
701974.528: SizeOfImage: 0x1d000 (118784)
711974.528: Resource Dir: 0x1c000 LB 0x408
721974.528: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
731974.528: [Raw version resource data: 0x1c060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
741974.528: ProductName: Microsoft® Windows® Operating System
751974.528: ProductVersion: 10.0.17763.1879
761974.528: FileVersion: 10.0.17763.1879 (WinBuild.160101.0800)
771974.528: FileDescription: ApiSet Schema DLL
781974.528: NtOpenDirectoryObject failed on \Driver: 0xc0000022
791974.528: supR3HardenedWinFindAdversaries: 0x0
801974.528: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
811974.528: Calling main()
821974.528: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
831974.528: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
841974.528: SUPR3HardenedMain: Respawn #1
851974.528: System32: \Device\HarddiskVolume7\Windows\System32
861974.528: WinSxS: \Device\HarddiskVolume7\Windows\WinSxS
871974.528: KnownDllPath: C:\Windows\System32
881974.528: supR3HardenedWinInit: Performing a limited self purification...
891974.528: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
901974.528: *0000000000000000-000000000021ffff 0x0001/0x0000 0x0000000
911974.528: *0000000000220000-000000000022ffff 0x0004/0x0004 0x0040000
921974.528: 0000000000230000-000000000023ffff 0x0001/0x0000 0x0000000
931974.528: *0000000000240000-0000000000259fff 0x0002/0x0002 0x0040000
941974.528: 000000000025a000-000000000025ffff 0x0001/0x0000 0x0000000
951974.528: *0000000000260000-0000000000318fff 0x0000/0x0004 0x0020000
961974.528: 0000000000319000-000000000031bfff 0x0104/0x0004 0x0020000
971974.528: 000000000031c000-000000000035ffff 0x0004/0x0004 0x0020000
981974.528: *0000000000360000-0000000000363fff 0x0002/0x0002 0x0040000
991974.528: 0000000000364000-000000000036ffff 0x0001/0x0000 0x0000000
1001974.528: *0000000000370000-0000000000371fff 0x0004/0x0004 0x0020000
1011974.528: 0000000000372000-000000000037ffff 0x0001/0x0000 0x0000000
1021974.528: *0000000000380000-0000000000381fff 0x0004/0x0004 0x0020000
1031974.528: 0000000000382000-00000000003e1fff 0x0000/0x0004 0x0020000
1041974.528: 00000000003e2000-00000000003fffff 0x0001/0x0000 0x0000000
1051974.528: *0000000000400000-000000000056bfff 0x0000/0x0004 0x0020000
1061974.528: 000000000056c000-000000000056efff 0x0004/0x0004 0x0020000
1071974.528: 000000000056f000-00000000005fffff 0x0000/0x0004 0x0020000
1081974.528: *0000000000600000-00000000006c4fff 0x0002/0x0002 0x0040000
1091974.528: 00000000006c5000-000000000070ffff 0x0001/0x0000 0x0000000
1101974.528: *0000000000710000-0000000000714fff 0x0004/0x0004 0x0020000
1111974.528: 0000000000715000-000000000080ffff 0x0000/0x0004 0x0020000
1121974.528: *0000000000810000-0000000000836fff 0x0004/0x0004 0x0020000
1131974.528: 0000000000837000-000000000090ffff 0x0000/0x0004 0x0020000
1141974.528: 0000000000910000-000000000095ffff 0x0001/0x0000 0x0000000
1151974.528: *0000000000960000-000000000096efff 0x0004/0x0004 0x0020000
1161974.528: 000000000096f000-000000000096ffff 0x0000/0x0004 0x0020000
1171974.528: *0000000000970000-0000000000971fff 0x0000/0x0004 0x0020000
1181974.528: 0000000000972000-0000000000b5ffff 0x0004/0x0004 0x0020000
1191974.528: 0000000000b60000-0000000000b60fff 0x0000/0x0004 0x0020000
1201974.528: 0000000000b61000-000000007ffdffff 0x0001/0x0000 0x0000000
1211974.528: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
1221974.528: 000000007ffe1000-000000007ffecfff 0x0001/0x0000 0x0000000
1231974.528: *000000007ffed000-000000007ffedfff 0x0002/0x0002 0x0020000
1241974.528: 000000007ffee000-00007ff47d19ffff 0x0001/0x0000 0x0000000
1251974.528: *00007ff47d1a0000-00007ff47d1a4fff 0x0002/0x0002 0x0040000
1261974.528: 00007ff47d1a5000-00007ff47d29ffff 0x0000/0x0002 0x0040000
1271974.528: *00007ff47d2a0000-00007ff57d2bffff 0x0000/0x0004 0x0020000
1281974.528: *00007ff57d2c0000-00007ff57f2bffff 0x0000/0x0004 0x0020000
1291974.528: 00007ff57f2c0000-00007ff57f2c0fff 0x0004/0x0004 0x0020000
1301974.528: 00007ff57f2c1000-00007ff57f2cffff 0x0001/0x0000 0x0000000
1311974.528: *00007ff57f2d0000-00007ff57f2d0fff 0x0002/0x0002 0x0040000
1321974.528: 00007ff57f2d1000-00007ff57f2dffff 0x0001/0x0000 0x0000000
1331974.528: *00007ff57f2e0000-00007ff57f302fff 0x0002/0x0002 0x0040000
1341974.528: 00007ff57f303000-00007ff766b8ffff 0x0001/0x0000 0x0000000
1351974.528: *00007ff766b90000-00007ff766b90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1361974.528: 00007ff766b91000-00007ff766c07fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1371974.528: 00007ff766c08000-00007ff766c08fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1381974.528: 00007ff766c09000-00007ff766c51fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1391974.528: 00007ff766c52000-00007ff766c54fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1401974.528: 00007ff766c55000-00007ff766c57fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1411974.528: 00007ff766c58000-00007ff766c5afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1421974.528: 00007ff766c5b000-00007ff766c5bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1431974.528: 00007ff766c5c000-00007ff766c5dfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1441974.528: 00007ff766c5e000-00007ff766c5efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1451974.528: 00007ff766c5f000-00007ff766ca7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
1461974.528: 00007ff766ca8000-00007ffb9419ffff 0x0001/0x0000 0x0000000
1471974.528: *00007ffb941a0000-00007ffb941a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
1481974.528: 00007ffb941a1000-00007ffb942a3fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
1491974.528: 00007ffb942a4000-00007ffb943fafff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
1501974.528: 00007ffb943fb000-00007ffb943fefff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
1511974.528: 00007ffb943ff000-00007ffb943fffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
1521974.528: 00007ffb94400000-00007ffb94433fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
1531974.528: 00007ffb94434000-00007ffb96c7ffff 0x0001/0x0000 0x0000000
1541974.528: *00007ffb96c80000-00007ffb96c80fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
1551974.528: 00007ffb96c81000-00007ffb96cf6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
1561974.528: 00007ffb96cf7000-00007ffb96d28fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
1571974.528: 00007ffb96d29000-00007ffb96d29fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
1581974.528: 00007ffb96d2a000-00007ffb96d2afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
1591974.528: 00007ffb96d2b000-00007ffb96d32fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\kernel32.dll
1601974.528: 00007ffb96d33000-00007ffb977fffff 0x0001/0x0000 0x0000000
1611974.528: *00007ffb97800000-00007ffb97800fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
1621974.528: 00007ffb97801000-00007ffb97917fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
1631974.528: 00007ffb97918000-00007ffb9795efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
1641974.528: 00007ffb9795f000-00007ffb9795ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
1651974.528: 00007ffb97960000-00007ffb97961fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
1661974.528: 00007ffb97962000-00007ffb97969fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
1671974.528: 00007ffb9796a000-00007ffb979ecfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
1681974.528: 00007ffb979ed000-00007ffffffeffff 0x0001/0x0000 0x0000000
1691974.528: kernel32.dll: timestamp 0xf1de1d80 (rc=VINF_SUCCESS)
1701974.528: kernelbase.dll: timestamp 0xb94797c5 (rc=VINF_SUCCESS)
1711974.528: VirtualBoxVM.exe: timestamp 0x628e9c06 (rc=VINF_SUCCESS)
1721974.528: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
1731974.528: '\Device\HarddiskVolume7\Windows\System32\ntdll.dll' has no imports
1741974.528: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
1751974.528: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
1761974.528: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
1771974.528: supR3HardNtEnableThreadCreationEx:
1781974.528: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb978781c0 pvNtTerminateThread=00007ffb978a0440
1791974.528: supR3HardenedWinDoReSpawn(1): New child 300.17c0 [kernel32].
1801974.528: supR3HardNtChildGatherData: PebBaseAddress=0000000000e21000 cbPeb=0x388
1811974.528: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffb97800000 uNtDllChildAddr=00007ffb97800000
1821974.528: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffb978781c0
1831974.528: supR3HardenedWinSetupChildInit: Initial context:
184 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff766b97900 rdx=0000000000e21000
185 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
186 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
187 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
188 rip=00007ffb9785a2d0 rsp=00000000010fff08 rbp=0000000000000000 ctxflags=0010001b
189 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
190 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
191 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
192 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
193 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
1941974.528: supR3HardenedWinSetupChildInit: Start child.
1951974.528: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
1961974.528: supR3HardNtChildPurify: Startup delay kludge #1/0: 267 ms, 16 sleeps
1971974.528: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
1981974.528: *0000000000000000-0000000000cdffff 0x0001/0x0000 0x0000000
1991974.528: *0000000000ce0000-0000000000cfffff 0x0004/0x0004 0x0020000
2001974.528: *0000000000d00000-0000000000d19fff 0x0002/0x0002 0x0040000
2011974.528: 0000000000d1a000-0000000000d1ffff 0x0001/0x0000 0x0000000
2021974.528: *0000000000d20000-0000000000d23fff 0x0002/0x0002 0x0040000
2031974.528: 0000000000d24000-0000000000d2ffff 0x0001/0x0000 0x0000000
2041974.528: *0000000000d30000-0000000000d31fff 0x0004/0x0004 0x0020000
2051974.528: 0000000000d32000-0000000000dfffff 0x0001/0x0000 0x0000000
2061974.528: *0000000000e00000-0000000000e20fff 0x0000/0x0004 0x0020000
2071974.528: 0000000000e21000-0000000000e23fff 0x0004/0x0004 0x0020000
2081974.528: 0000000000e24000-0000000000ffffff 0x0000/0x0004 0x0020000
2091974.528: *0000000001000000-00000000010fafff 0x0000/0x0004 0x0020000
2101974.528: 00000000010fb000-00000000010fdfff 0x0104/0x0004 0x0020000
2111974.528: 00000000010fe000-00000000010fffff 0x0004/0x0004 0x0020000
2121974.528: 0000000001100000-000000007ffdffff 0x0001/0x0000 0x0000000
2131974.528: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2141974.528: 000000007ffe1000-000000007ffecfff 0x0001/0x0000 0x0000000
2151974.528: *000000007ffed000-000000007ffedfff 0x0002/0x0002 0x0020000
2161974.528: 000000007ffee000-00007ff59a16ffff 0x0001/0x0000 0x0000000
2171974.528: *00007ff59a170000-00007ff59a170fff 0x0002/0x0002 0x0040000
2181974.528: 00007ff59a171000-00007ff59a17ffff 0x0001/0x0000 0x0000000
2191974.528: *00007ff59a180000-00007ff59a1a2fff 0x0002/0x0002 0x0040000
2201974.528: 00007ff59a1a3000-00007ff766b8ffff 0x0001/0x0000 0x0000000
2211974.528: *00007ff766b90000-00007ff766b90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2221974.528: 00007ff766b91000-00007ff766c07fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2231974.528: 00007ff766c08000-00007ff766c08fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2241974.528: 00007ff766c09000-00007ff766c51fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2251974.528: 00007ff766c52000-00007ff766c52fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2261974.528: 00007ff766c53000-00007ff766c53fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2271974.528: 00007ff766c54000-00007ff766c58fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2281974.528: 00007ff766c59000-00007ff766c59fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2291974.528: 00007ff766c5a000-00007ff766c5afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2301974.528: 00007ff766c5b000-00007ff766c5efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2311974.528: 00007ff766c5f000-00007ff766ca7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2321974.528: 00007ff766ca8000-00007ffb977fffff 0x0001/0x0000 0x0000000
2331974.528: *00007ffb97800000-00007ffb97800fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2341974.528: 00007ffb97801000-00007ffb97917fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2351974.528: 00007ffb97918000-00007ffb9795efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2361974.528: 00007ffb9795f000-00007ffb97969fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2371974.528: 00007ffb9796a000-00007ffb97977fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2381974.528: 00007ffb97978000-00007ffb97978fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2391974.528: 00007ffb97979000-00007ffb9797bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2401974.528: 00007ffb9797c000-00007ffb979ecfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2411974.528: 00007ffb979ed000-00007ffffffeffff 0x0001/0x0000 0x0000000
2421974.528: supR3HardNtChildPurify: Done after 267 ms and 0 fixes (loop #0).
243300.17c0: Log file opened: 6.1.35r151573 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0456300
244300.17c0: supR3HardenedVmProcessInit: uNtDllAddr=00007ffb97800000 g_uNtVerCombined=0xa0456300 (stack ~00000000010ff998)
245300.17c0: ntdll.dll: timestamp 0x5eb1f55d (rc=VINF_SUCCESS)
246300.17c0: New simple heap: #1 0000000001200000 LB 0x400000 (for 2019328 allocation)
2471974.528: supR3HardNtEnableThreadCreationEx:
248300.17c0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
249300.17c0: System32: \Device\HarddiskVolume7\Windows\System32
250300.17c0: WinSxS: \Device\HarddiskVolume7\Windows\WinSxS
251300.17c0: KnownDllPath: C:\Windows\System32
252300.17c0: supR3HardenedVmProcessInit: Opening vboxdrv stub...
253300.17c0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
254300.17c0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
255300.17c0: Registered Dll notification callback with NTDLL.
256300.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\kernel32.dll)
257300.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\kernel32.dll
258300.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
259300.17c0: supR3HardenedDllNotificationCallback: load 00007ffb941a0000 LB 0x00294000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
260300.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\KernelBase.dll)
261300.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
262300.17c0: supR3HardenedDllNotificationCallback: load 00007ffb96c80000 LB 0x000b3000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
263300.17c0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
264300.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\KERNEL32.DLL'
265300.17c0: supR3HardenedDllNotificationCallback: load 00007ff766b90000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
266300.17c0: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
267300.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
268300.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
269300.17c0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb978781c0 pvNtTerminateThread=00007ffb978a0440
2701974.528: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 118 ms.
271300.17c0: \SystemRoot\System32\ntdll.dll:
272300.17c0: CreationTime: 2022-04-24T00:09:30.631376900Z
273300.17c0: LastWriteTime: 2022-04-24T00:09:30.678196300Z
274300.17c0: ChangeTime: 2022-05-10T17:22:06.203691800Z
275300.17c0: FileAttributes: 0x20
276300.17c0: Size: 0x1e7028
277300.17c0: NT Headers: 0xe0
278300.17c0: Timestamp: 0x5eb1f55d
279300.17c0: Machine: 0x8664 - amd64
280300.17c0: Timestamp: 0x5eb1f55d
281300.17c0: Image Version: 10.0
282300.17c0: SizeOfImage: 0x1ed000 (2019328)
283300.17c0: Resource Dir: 0x17d000 LB 0x6eda8
284300.17c0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
285300.17c0: [Raw version resource data: 0x17d0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
286300.17c0: ProductName: Microsoft® Windows® Operating System
287300.17c0: ProductVersion: 10.0.17763.2867
288300.17c0: FileVersion: 10.0.17763.2867 (WinBuild.160101.0800)
289300.17c0: FileDescription: NT Layer DLL
290300.17c0: \SystemRoot\System32\kernel32.dll:
291300.17c0: CreationTime: 2022-05-10T17:21:34.761523800Z
292300.17c0: LastWriteTime: 2022-05-10T17:21:34.778130300Z
293300.17c0: ChangeTime: 2022-05-10T22:01:03.592281400Z
294300.17c0: FileAttributes: 0x20
295300.17c0: Size: 0xb18d8
296300.17c0: NT Headers: 0xe8
297300.17c0: Timestamp: 0xf1de1d80
298300.17c0: Machine: 0x8664 - amd64
299300.17c0: Timestamp: 0xf1de1d80
300300.17c0: Image Version: 10.0
301300.17c0: SizeOfImage: 0xb3000 (733184)
302300.17c0: Resource Dir: 0xb1000 LB 0x520
303300.17c0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
304300.17c0: [Raw version resource data: 0xb10b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
305300.17c0: ProductName: Microsoft® Windows® Operating System
306300.17c0: ProductVersion: 10.0.17763.2928
307300.17c0: FileVersion: 10.0.17763.2928 (WinBuild.160101.0800)
308300.17c0: FileDescription: Windows NT BASE API Client DLL
309300.17c0: \SystemRoot\System32\KernelBase.dll:
310300.17c0: CreationTime: 2022-05-10T17:21:43.816684100Z
311300.17c0: LastWriteTime: 2022-05-10T17:21:43.882062400Z
312300.17c0: ChangeTime: 2022-05-10T22:01:02.636433500Z
313300.17c0: FileAttributes: 0x20
314300.17c0: Size: 0x295240
315300.17c0: NT Headers: 0x100
316300.17c0: Timestamp: 0xb94797c5
317300.17c0: Machine: 0x8664 - amd64
318300.17c0: Timestamp: 0xb94797c5
319300.17c0: Image Version: 10.0
320300.17c0: SizeOfImage: 0x294000 (2703360)
321300.17c0: Resource Dir: 0x270000 LB 0x548
322300.17c0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
323300.17c0: [Raw version resource data: 0x2700b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
324300.17c0: ProductName: Microsoft® Windows® Operating System
325300.17c0: ProductVersion: 10.0.17763.2928
326300.17c0: FileVersion: 10.0.17763.2928 (WinBuild.160101.0800)
327300.17c0: FileDescription: Windows NT BASE API Client DLL
328300.17c0: \SystemRoot\System32\apisetschema.dll:
329300.17c0: CreationTime: 2021-08-14T00:42:20.476360200Z
330300.17c0: LastWriteTime: 2021-08-14T00:42:20.476360200Z
331300.17c0: ChangeTime: 2022-05-10T17:22:06.006661800Z
332300.17c0: FileAttributes: 0x20
333300.17c0: Size: 0x1c550
334300.17c0: NT Headers: 0xd0
335300.17c0: Timestamp: 0x1e9fec4b
336300.17c0: Machine: 0x8664 - amd64
337300.17c0: Timestamp: 0x1e9fec4b
338300.17c0: Image Version: 10.0
339300.17c0: SizeOfImage: 0x1d000 (118784)
340300.17c0: Resource Dir: 0x1c000 LB 0x408
341300.17c0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
342300.17c0: [Raw version resource data: 0x1c060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
343300.17c0: ProductName: Microsoft® Windows® Operating System
344300.17c0: ProductVersion: 10.0.17763.1879
345300.17c0: FileVersion: 10.0.17763.1879 (WinBuild.160101.0800)
346300.17c0: FileDescription: ApiSet Schema DLL
347300.17c0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
348300.17c0: supR3HardenedWinFindAdversaries: 0x0
349300.17c0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
350300.17c0: Calling main()
351300.17c0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
352300.17c0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
353300.17c0: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
354300.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
355300.17c0: SUPR3HardenedMain: Respawn #2
356300.17c0: supR3HardNtEnableThreadCreationEx:
357300.17c0: supR3HardenedDllNotificationCallback: load 00007ffb96f60000 LB 0x0011d000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
358300.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll)
359300.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll
360300.17c0: supR3HardenedDllNotificationCallback: load 00007ffb968e0000 LB 0x0009f000 C:\Windows\System32\sechost.dll [fFlags=0x0]
361300.17c0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
362300.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\sechost.dll)
363300.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\sechost.dll
364300.17c0: '\Device\HarddiskVolume7\Windows\System32\ntdll.dll' has no imports
365300.17c0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\ntdll.dll)
366300.17c0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\ntdll.dll
367300.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
368300.17c0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
369300.17c0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
370300.17c0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
371300.17c0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97800000 'C:\Windows\System32\ntdll.dll'
372300.17c0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb978781c0 pvNtTerminateThread=00007ffb978a0440
373300.17c0: supR3HardenedWinDoReSpawn(2): New child dd4.9cc [kernel32].
374300.17c0: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
375300.17c0: supR3HardNtChildGatherData: PebBaseAddress=00000000009e5000 cbPeb=0x388
376300.17c0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffb97800000 uNtDllChildAddr=00007ffb97800000
377300.17c0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffb978781c0
378300.17c0: supR3HardenedWinSetupChildInit: Initial context:
379 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff766b97900 rdx=00000000009e5000
380 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
381 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
382 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
383 rip=00007ffb9785a2d0 rsp=0000000000b3fca8 rbp=0000000000000000 ctxflags=0010001b
384 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
385 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
386 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
387 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
388 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
389300.17c0: kernel32.dll: timestamp 0xf1de1d80 (rc=VINF_SUCCESS)
390300.17c0: supR3HardenedWinSetupChildInit: Start child.
391300.17c0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
392300.17c0: supR3HardNtChildPurify: Startup delay kludge #1/0: 267 ms, 17 sleeps
393300.17c0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
394300.17c0: *0000000000000000-00000000007effff 0x0001/0x0000 0x0000000
395300.17c0: *00000000007f0000-00000000007f3fff 0x0002/0x0002 0x0040000
396300.17c0: 00000000007f4000-00000000007fffff 0x0001/0x0000 0x0000000
397300.17c0: *0000000000800000-00000000009e4fff 0x0000/0x0004 0x0020000
398300.17c0: 00000000009e5000-00000000009e7fff 0x0004/0x0004 0x0020000
399300.17c0: 00000000009e8000-00000000009fffff 0x0000/0x0004 0x0020000
400300.17c0: *0000000000a00000-0000000000a1ffff 0x0004/0x0004 0x0020000
401300.17c0: *0000000000a20000-0000000000a39fff 0x0002/0x0002 0x0040000
402300.17c0: 0000000000a3a000-0000000000a3ffff 0x0001/0x0000 0x0000000
403300.17c0: *0000000000a40000-0000000000b3afff 0x0000/0x0004 0x0020000
404300.17c0: 0000000000b3b000-0000000000b3dfff 0x0104/0x0004 0x0020000
405300.17c0: 0000000000b3e000-0000000000b3ffff 0x0004/0x0004 0x0020000
406300.17c0: *0000000000b40000-0000000000b41fff 0x0004/0x0004 0x0020000
407300.17c0: 0000000000b42000-000000007ffdffff 0x0001/0x0000 0x0000000
408300.17c0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
409300.17c0: 000000007ffe1000-000000007ffecfff 0x0001/0x0000 0x0000000
410300.17c0: *000000007ffed000-000000007ffedfff 0x0002/0x0002 0x0020000
411300.17c0: 000000007ffee000-00007ff5cb92ffff 0x0001/0x0000 0x0000000
412300.17c0: *00007ff5cb930000-00007ff5cb930fff 0x0002/0x0002 0x0040000
413300.17c0: 00007ff5cb931000-00007ff5cb93ffff 0x0001/0x0000 0x0000000
414300.17c0: *00007ff5cb940000-00007ff5cb962fff 0x0002/0x0002 0x0040000
415300.17c0: 00007ff5cb963000-00007ff766b8ffff 0x0001/0x0000 0x0000000
416300.17c0: *00007ff766b90000-00007ff766b90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
417300.17c0: 00007ff766b91000-00007ff766c07fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
418300.17c0: 00007ff766c08000-00007ff766c08fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
419300.17c0: 00007ff766c09000-00007ff766c51fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
420300.17c0: 00007ff766c52000-00007ff766c52fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
421300.17c0: 00007ff766c53000-00007ff766c53fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
422300.17c0: 00007ff766c54000-00007ff766c58fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
423300.17c0: 00007ff766c59000-00007ff766c59fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
424300.17c0: 00007ff766c5a000-00007ff766c5afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
425300.17c0: 00007ff766c5b000-00007ff766c5efff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
426300.17c0: 00007ff766c5f000-00007ff766ca7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
427300.17c0: 00007ff766ca8000-00007ffb977fffff 0x0001/0x0000 0x0000000
428300.17c0: *00007ffb97800000-00007ffb97800fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
429300.17c0: 00007ffb97801000-00007ffb97917fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
430300.17c0: 00007ffb97918000-00007ffb9795efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
431300.17c0: 00007ffb9795f000-00007ffb97969fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
432300.17c0: 00007ffb9796a000-00007ffb97977fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
433300.17c0: 00007ffb97978000-00007ffb97978fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
434300.17c0: 00007ffb97979000-00007ffb9797bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
435300.17c0: 00007ffb9797c000-00007ffb979ecfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume7\Windows\System32\ntdll.dll
436300.17c0: 00007ffb979ed000-00007ffffffeffff 0x0001/0x0000 0x0000000
437300.17c0: VirtualBoxVM.exe: timestamp 0x628e9c06 (rc=VINF_SUCCESS)
438300.17c0: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
439300.17c0: '\Device\HarddiskVolume7\Windows\System32\ntdll.dll' has no imports
440300.17c0: supR3HardNtChildPurify: Done after 329 ms and 0 fixes (loop #0).
441dd4.9cc: Log file opened: 6.1.35r151573 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa0456300
442dd4.9cc: supR3HardenedVmProcessInit: uNtDllAddr=00007ffb97800000 g_uNtVerCombined=0xa0456300 (stack ~0000000000b3f738)
443dd4.9cc: ntdll.dll: timestamp 0x5eb1f55d (rc=VINF_SUCCESS)
444dd4.9cc: New simple heap: #1 0000000000c50000 LB 0x400000 (for 2019328 allocation)
445300.17c0: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001200000 LB 0x400000)
446300.17c0: supR3HardNtEnableThreadCreationEx:
447dd4.9cc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
448dd4.9cc: System32: \Device\HarddiskVolume7\Windows\System32
449dd4.9cc: WinSxS: \Device\HarddiskVolume7\Windows\WinSxS
450dd4.9cc: KnownDllPath: C:\Windows\System32
451dd4.9cc: supR3HardenedVmProcessInit: Opening vboxdrv...
452dd4.9cc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
453dd4.9cc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
454dd4.9cc: Registered Dll notification callback with NTDLL.
455dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\kernel32.dll)
456dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\kernel32.dll
457dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
458dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb941a0000 LB 0x00294000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
459dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\KernelBase.dll)
460dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\KernelBase.dll
461dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb96c80000 LB 0x000b3000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
462dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
463dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\KERNEL32.DLL'
464dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ff766b90000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
465dd4.9cc: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
466dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
467dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
468dd4.9cc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffb978781c0 pvNtTerminateThread=00007ffb978a0440
469300.17c0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 141 ms.
470dd4.9cc: \SystemRoot\System32\ntdll.dll:
471dd4.9cc: CreationTime: 2022-04-24T00:09:30.631376900Z
472dd4.9cc: LastWriteTime: 2022-04-24T00:09:30.678196300Z
473dd4.9cc: ChangeTime: 2022-05-10T17:22:06.203691800Z
474dd4.9cc: FileAttributes: 0x20
475dd4.9cc: Size: 0x1e7028
476dd4.9cc: NT Headers: 0xe0
477dd4.9cc: Timestamp: 0x5eb1f55d
478dd4.9cc: Machine: 0x8664 - amd64
479dd4.9cc: Timestamp: 0x5eb1f55d
480dd4.9cc: Image Version: 10.0
481dd4.9cc: SizeOfImage: 0x1ed000 (2019328)
482dd4.9cc: Resource Dir: 0x17d000 LB 0x6eda8
483dd4.9cc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
484dd4.9cc: [Raw version resource data: 0x17d0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
485dd4.9cc: ProductName: Microsoft® Windows® Operating System
486dd4.9cc: ProductVersion: 10.0.17763.2867
487dd4.9cc: FileVersion: 10.0.17763.2867 (WinBuild.160101.0800)
488dd4.9cc: FileDescription: NT Layer DLL
489dd4.9cc: \SystemRoot\System32\kernel32.dll:
490dd4.9cc: CreationTime: 2022-05-10T17:21:34.761523800Z
491dd4.9cc: LastWriteTime: 2022-05-10T17:21:34.778130300Z
492dd4.9cc: ChangeTime: 2022-05-10T22:01:03.592281400Z
493dd4.9cc: FileAttributes: 0x20
494dd4.9cc: Size: 0xb18d8
495dd4.9cc: NT Headers: 0xe8
496dd4.9cc: Timestamp: 0xf1de1d80
497dd4.9cc: Machine: 0x8664 - amd64
498dd4.9cc: Timestamp: 0xf1de1d80
499dd4.9cc: Image Version: 10.0
500dd4.9cc: SizeOfImage: 0xb3000 (733184)
501dd4.9cc: Resource Dir: 0xb1000 LB 0x520
502dd4.9cc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
503dd4.9cc: [Raw version resource data: 0xb10b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
504dd4.9cc: ProductName: Microsoft® Windows® Operating System
505dd4.9cc: ProductVersion: 10.0.17763.2928
506dd4.9cc: FileVersion: 10.0.17763.2928 (WinBuild.160101.0800)
507dd4.9cc: FileDescription: Windows NT BASE API Client DLL
508dd4.9cc: \SystemRoot\System32\KernelBase.dll:
509dd4.9cc: CreationTime: 2022-05-10T17:21:43.816684100Z
510dd4.9cc: LastWriteTime: 2022-05-10T17:21:43.882062400Z
511dd4.9cc: ChangeTime: 2022-05-10T22:01:02.636433500Z
512dd4.9cc: FileAttributes: 0x20
513dd4.9cc: Size: 0x295240
514dd4.9cc: NT Headers: 0x100
515dd4.9cc: Timestamp: 0xb94797c5
516dd4.9cc: Machine: 0x8664 - amd64
517dd4.9cc: Timestamp: 0xb94797c5
518dd4.9cc: Image Version: 10.0
519dd4.9cc: SizeOfImage: 0x294000 (2703360)
520dd4.9cc: Resource Dir: 0x270000 LB 0x548
521dd4.9cc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
522dd4.9cc: [Raw version resource data: 0x2700b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
523dd4.9cc: ProductName: Microsoft® Windows® Operating System
524dd4.9cc: ProductVersion: 10.0.17763.2928
525dd4.9cc: FileVersion: 10.0.17763.2928 (WinBuild.160101.0800)
526dd4.9cc: FileDescription: Windows NT BASE API Client DLL
527dd4.9cc: \SystemRoot\System32\apisetschema.dll:
528dd4.9cc: CreationTime: 2021-08-14T00:42:20.476360200Z
529dd4.9cc: LastWriteTime: 2021-08-14T00:42:20.476360200Z
530dd4.9cc: ChangeTime: 2022-05-10T17:22:06.006661800Z
531dd4.9cc: FileAttributes: 0x20
532dd4.9cc: Size: 0x1c550
533dd4.9cc: NT Headers: 0xd0
534dd4.9cc: Timestamp: 0x1e9fec4b
535dd4.9cc: Machine: 0x8664 - amd64
536dd4.9cc: Timestamp: 0x1e9fec4b
537dd4.9cc: Image Version: 10.0
538dd4.9cc: SizeOfImage: 0x1d000 (118784)
539dd4.9cc: Resource Dir: 0x1c000 LB 0x408
540dd4.9cc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
541dd4.9cc: [Raw version resource data: 0x1c060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
542dd4.9cc: ProductName: Microsoft® Windows® Operating System
543dd4.9cc: ProductVersion: 10.0.17763.1879
544dd4.9cc: FileVersion: 10.0.17763.1879 (WinBuild.160101.0800)
545dd4.9cc: FileDescription: ApiSet Schema DLL
546dd4.9cc: NtOpenDirectoryObject failed on \Driver: 0xc0000022
547dd4.9cc: supR3HardenedWinFindAdversaries: 0x0
548dd4.9cc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
549dd4.9cc: Calling main()
550dd4.9cc: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
551dd4.9cc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox'
552dd4.9cc: '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
553dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
554dd4.9cc: SUPR3HardenedMain: Final process, opening VBoxDrv...
555dd4.9cc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000c50000 LB 0x400000)
556dd4.9cc: supR3HardNtEnableThreadCreationEx:
557dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
558dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
559dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
560dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
561dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb854d0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
562dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
563dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
564dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
565dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb854d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
566dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
567dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
568dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb854d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
569dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb854d0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
570dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
571dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
572dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
573dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
574dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\wintrust.dll)
575dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\wintrust.dll
576dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
577dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
578dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll)
579dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll
580dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
581dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume7\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
582dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msasn1.dll'.
583dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\crypt32.dll)
584dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\crypt32.dll
585dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
586dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume7\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
587dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\msasn1.dll)
588dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\msasn1.dll
589dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
590dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
591dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\msvcrt.dll)
592dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\msvcrt.dll
593dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
594dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume7\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
595dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
596dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
597dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb97410000 LB 0x0009e000 C:\Windows\System32\msvcrt.dll [fFlags=0x0]
598dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
599dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb93870000 LB 0x00012000 C:\Windows\System32\MSASN1.dll [fFlags=0x0]
600dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
601dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94910000 LB 0x000fa000 C:\Windows\System32\ucrtbase.dll [fFlags=0x0]
602dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\ucrtbase.dll)
603dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\ucrtbase.dll
604dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94440000 LB 0x001f5000 C:\Windows\System32\CRYPT32.dll [fFlags=0x0]
605dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
606dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb96f60000 LB 0x0011d000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
607dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
608dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94640000 LB 0x00061000 C:\Windows\System32\Wintrust.dll [fFlags=0x0]
609dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
610dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
611dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
612dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
613dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
614dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
615dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
616dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
617dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
618dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
619dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
620dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
621dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
622dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
623dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
624dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-l1-2-1'
625dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94640000 'C:\Windows\system32\Wintrust.dll'
626dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\bcrypt.dll)
627dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\bcrypt.dll
628dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
629dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94740000 LB 0x00026000 C:\Windows\System32\bcrypt.dll [fFlags=0x0]
630dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
631dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94740000 'C:\Windows\system32\bcrypt.dll'
632dd4.9cc: bcrypt.dll loaded at 00007ffb94740000, BCryptOpenAlgorithmProvider at 00007ffb94744d70, preloading providers:
633dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll)
634dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll
635dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
636dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb946b0000 LB 0x00082000 C:\Windows\System32\bcryptprimitives.dll [fFlags=0x0]
637dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
638dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb946b0000 'C:\Windows\system32\bcryptprimitives.dll'
639dd4.9cc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000120de60)
640dd4.9cc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=000000000120ebc0)
641dd4.9cc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=000000000120eec0)
642dd4.9cc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=000000000120f9d0)
643dd4.9cc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=000000000120fcd0)
644dd4.9cc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=000000000120ffd0)
645dd4.9cc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=00000000012102d0)
646dd4.9cc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000012105d0)
647dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94a10000 LB 0x00017000 C:\Windows\System32\CRYPTSP.dll [fFlags=0x0]
648dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\cryptsp.dll)
649dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\cryptsp.dll
650dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
651dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\rsaenh.dll)
652dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\rsaenh.dll
653dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
654dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume7\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
655dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
656dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
657dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
658dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb92b90000 LB 0x00033000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
659dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
660dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
661dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
662dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\cryptbase.dll)
663dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\cryptbase.dll
664dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb931e0000 LB 0x0000c000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
665dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
666dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
667dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
668dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
669dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
670dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
671dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\kernel32.dll'
672dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
673dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
674dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94640000 'C:\Windows\System32\WINTRUST.DLL'
675dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
676dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
677dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\CRYPT32.dll'
678dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb97610000 LB 0x0001d000 C:\Windows\System32\imagehlp.dll [fFlags=0x0]
679dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\imagehlp.dll)
680dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\imagehlp.dll
681dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
682dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
683dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
684dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
685dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
686dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
687dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb968e0000 LB 0x0009f000 C:\Windows\System32\sechost.dll [fFlags=0x0]
688dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
689dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\sechost.dll)
690dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\sechost.dll
691dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
692dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
693dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\gpapi.dll)
694dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\gpapi.dll
695dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb92410000 LB 0x00022000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
696dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
697dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb93820000 LB 0x00024000 C:\Windows\System32\profapi.dll [fFlags=0x0]
698dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\profapi.dll)
699dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\profapi.dll
700dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
701dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
702dd4.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume7\Windows\System32\cryptnet.dll)
703dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\cryptnet.dll
704dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
705dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume7\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
706dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
707dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
708dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
709dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
710dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
711dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
712dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
713dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
714dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
715dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
716dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
717dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
718dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
719dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
720dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
721dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb8cc00000 LB 0x0002f000 C:\Windows\System32\cryptnet.dll [fFlags=0x0]
722dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
723dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
724dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
725dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
726dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
727dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
728dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
729dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
730dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
731dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
732dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
733dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
734dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
735dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
736dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
737dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
738dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
739dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
740dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
741dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
742dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
743dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
744dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
745dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
746dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
747dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
748dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
749dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
750dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
751dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
752dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
753dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
754dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb96ae0000 LB 0x000a7000 C:\Windows\System32\advapi32.dll [fFlags=0x0]
755dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
756dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
757dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
758dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\advapi32.dll)
759dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\advapi32.dll
760dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
761dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
762dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
763dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
764dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
765dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume7\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
766dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\sechost.dll [lacks WinVerifyTrust]
767dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
768dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
769dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
770dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
771dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
772dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
773dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
774dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
775dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
776dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000124c420
777dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
778dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E501CDB1E05B4A4B105BE1EEBF58E846668CDFF6
779dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
780dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
781dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96f60000 'C:\Windows\System32\rpcrt4.dll'
782dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
783dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
784dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
785dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
786dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
787dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
788dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3111_for_KB5013941~31bf3856ad364e35~amd64~~10.0.1.6.cat'; file='\SystemRoot\System32\ntdll.dll'
789dd4.9cc: g_pfnWinVerifyTrust=00007ffb946423e0
790dd4.9cc: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
791dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
792dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
793dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
794dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
795dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
796dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
797dd4.9cc: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\crypt32.dll'
798dd4.9cc: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
799dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
800dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
801dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
802dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
803dd4.9cc: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\wintrust.dll'
804dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
805dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
806dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
807dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
808dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\advapi32.dll'
809dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000390 pwszName=\Device\HarddiskVolume7\Windows\System32\cryptnet.dll
810dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
811dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
812dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BD8555E5AD3E747F80ECB1E98B15BBC9F7E3FB57
813dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
814dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
815dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
816dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_688_for_KB5012647~31bf3856ad364e35~amd64~~10.0.1.3.cat'; file='\Device\HarddiskVolume7\Windows\System32\cryptnet.dll'
817dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
818dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\cryptnet.dll'
819dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
820dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
821dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
822dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\profapi.dll'
823dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
824dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
825dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
826dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\gpapi.dll'
827dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
828dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
829dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
830dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\sechost.dll'
831dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
832dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
833dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
834dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\imagehlp.dll'
835dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
836dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
837dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll
838dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
839dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
840dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\cryptbase.dll'
841dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
842dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
843dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
844dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\rsaenh.dll'
845dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll
846dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
847dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
848dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
849dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\cryptsp.dll'
850dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
851dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
852dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll'
853dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
854dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
855dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\bcrypt.dll'
856dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
857dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
858dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\ucrtbase.dll'
859dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
860dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
861dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll'
862dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
863dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
864dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\msasn1.dll'
865dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
866dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
867dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll'
868dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
869dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
870dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
871dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
872dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
873dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
874dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
875dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
876dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\KernelBase.dll'
877dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
878dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
879dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\kernel32.dll'
880dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\system32\crypt32.dll'
881dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
882dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
883dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xbee5bf254104a700 C=US, O=Microsoft Corporation, CN=Microsoft EV RSA Root Certificate Authority 2017
884dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
885dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x5102860480cd2313 C=US, O=Microsoft Corporation, CN=Microsoft ECC Root Certificate Authority 2017
886dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
887dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
888dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
889dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x298c3394be5bca00 C=US, O=Microsoft Corporation, CN=Microsoft RSA Root Certificate Authority 2017
890dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xbcb08b369a5f2a26 C=US, O=Microsoft Corporation, CN=Microsoft EV ECC Root Certificate Authority 2017
891dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
892dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
893dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
894dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
895dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
896dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
897dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
898dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
899dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
900dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4
901dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
902dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
903dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
904dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
905dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
906dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
907dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
908dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
909dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
910dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
911dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
912dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
913dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
914dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
915dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
916dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
917dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xe87add30c52db600 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Code Signing Root R45
918dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
919dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
920dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
921dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
922dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
923dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
924dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
925dd4.9cc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
926dd4.9cc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=45
927dd4.9cc: SUPR3HardenedMain: Load Runtime...
928dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
929dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
930dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
931dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
932dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
933dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
934dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
935dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
936dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
937dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
938dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
939dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
940dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
941dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\ws2_32.dll) WinVerifyTrust
942dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
943dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
944dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
945dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll
946dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
947dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
948dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
949dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
950dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll
951dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
952dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll
953dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
954dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
955dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
956dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
957dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
958dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
959dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
960dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
961dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
962dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
963dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll)
964dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll
965dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
966dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
967dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
968dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
969dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
970dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
971dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
972dd4.9cc: supR3HardenedDllNotificationCallback: load 0000000077f20000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
973dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
974dd4.9cc: supR3HardenedDllNotificationCallback: load 0000000077910000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
975dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
976dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb96c10000 LB 0x0006d000 C:\Windows\System32\WS2_32.dll [fFlags=0x0]
977dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
978dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb6f660000 LB 0x005ec000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
979dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
980dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
981dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
982dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
983dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
984dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
985dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
986dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
987dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
988dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
989dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
990dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
991dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
992dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
993dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
994dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
995dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
996dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
997dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
998dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
999dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1000dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1001dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1002dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1003dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
1004dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1005dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1006dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1007dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1008dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1009dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1010dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
1011dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1012dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1013dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1014dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1015dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1016dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1017dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
1018dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1019dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1020dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1021dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1022dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1023dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1024dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1025dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1026dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1027dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1028dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1029dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1030dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1031dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1032dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1033dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1034dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1035dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1036dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1037dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1038dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1039dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1040dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1041dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1042dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1043dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1044dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1045dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1046dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1047dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1048dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1049dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1050dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1051dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1052dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1053dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1054dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1055dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1056dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1057dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1058dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1059dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
1060dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1061dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1062dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1063dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1064dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1065dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1066dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1067dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1068dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1069dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1070dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1071dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1072dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1073dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1074dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1075dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1076dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1077dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1078dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1079dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1080dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1081dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1082dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1083dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1084dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1085dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1086dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1087dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1088dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1089dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1090dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1091dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1092dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1093dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1094dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1095dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1096dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1097dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1098dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1099dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1100dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1101dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1102dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1103dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1104dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1105dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1106dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1107dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1108dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1109dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1110dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1111dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1112dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1113dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1114dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1115dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1116dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1117dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1118dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1119dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1120dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1121dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1122dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1123dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1124dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1125dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1126dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1127dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1128dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1129dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1130dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1131dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1132dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1133dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1134dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1135dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1136dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1137dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1138dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1139dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1140dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1141dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxRT.dll
1142dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1143dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1144dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1145dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1146dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1147dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1148dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1149dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1150dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1151dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1152dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1153dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1154dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1155dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1156dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb6f660000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1157dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1158dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1159dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll'
1160dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wintrust.dll
1161dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1162dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94640000 'C:\Windows\system32\Wintrust.dll'
1163dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll
1164dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1165dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1166dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1167dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1168dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1169dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\system32\crypt32.dll'
1170dd4.9cc: SUPR3HardenedMain: Load TrustedMain...
1171dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1172dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1173dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1174dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1175dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1176dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1177dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1178dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1179dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1180dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1181dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1182dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1183dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1184dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1185dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1186dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1187dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1188dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1189dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume7\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1190dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1191dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1192dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
1193dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1194dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\winmm.dll) WinVerifyTrust
1195dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\winmm.dll
1196dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1197dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1198dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1199dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1200dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll
1201dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
1202dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
1203dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1204dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1205dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\winmmbase.dll)
1206dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\winmmbase.dll
1207dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1208dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1209dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll
1210dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1211dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1212dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1213dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
1214dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
1215dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\oleaut32.dll) WinVerifyTrust
1216dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
1217dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1218dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1219dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1220dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1221dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll
1222dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1223dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1224dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1225dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1226dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'bcryptprimitives.dll'.
1227dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\combase.dll)
1228dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\combase.dll
1229dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1230dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1231dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1232dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll)
1233dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll
1234dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
1235dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
1236dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll
1237dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1238dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1239dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1240dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1241dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
1242dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'gdi32.dll'.
1243dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'user32.dll'.
1244dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'combase.dll'.
1245dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\ole32.dll) WinVerifyTrust
1246dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\ole32.dll
1247dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1248dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1249dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1250dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1251dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\combase.dll [lacks WinVerifyTrust]
1252dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1253dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1254dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1255dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1256dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1257dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\user32.dll)
1258dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\user32.dll
1259dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1260dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1261dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1262dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\gdi32.dll)
1263dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\gdi32.dll
1264dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1265dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1266dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1267dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1268dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1269dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1270dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1271dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1272dd4.9cc: '\Device\HarddiskVolume7\Windows\System32\win32u.dll' has no imports
1273dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\win32u.dll)
1274dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\win32u.dll
1275dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1276dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1277dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1278dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1279dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\user32.dll) WinVerifyTrust
1280dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1281dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1282dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1283dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1284dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1285dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1286dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1287dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1288dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1289dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1290dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1291dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1292dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1293dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1294dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1295dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1296dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1297dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1298dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1299dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1300dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll
1301dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1302dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1303dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
1304dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1305dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1306dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1307dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1308dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1309dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1310dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1311dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1312dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
1313dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1314dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1315dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1316dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
1317dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1318dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1319dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1320dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1321dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1322dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1323dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1324dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
1325dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1326dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1327dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1328dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1329dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1330dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1331dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1332dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1333dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1334dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1335dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1336dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
1337dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1338dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1339dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1340dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll
1341dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1342dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1343dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
1344dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1345dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1346dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1347dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1348dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #75 'user32.dll'.
1349dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'gdi32.dll'.
1350dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\shell32.dll)
1351dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\shell32.dll
1352dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1353dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1354dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1355dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1356dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1357dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1358dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1359dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1360dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [lacks WinVerifyTrust]
1361dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1362dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1363dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1364dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1365dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1366dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll
1367dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1368dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1369dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
1370dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1371dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1372dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1373dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1374dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1375dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [lacks WinVerifyTrust]
1376dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1377dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1378dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1379dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1380dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume7\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1381dd4.9cc: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\opengl32.dll'.
1382dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1383dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1384dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1385dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1386dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
1387dd4.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume7\Windows\System32\opengl32.dll)
1388dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\opengl32.dll
1389dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1390dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1391dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ole32.dll
1392dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1393dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1394dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll
1395dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1396dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1397dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
1398dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1399dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1400dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1401dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\mpr.dll)
1402dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\mpr.dll
1403dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1404dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1405dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
1406dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1407dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1408dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\advapi32.dll
1409dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1410dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1411dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ole32.dll
1412dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1413dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1414dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1415dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1416dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1417dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [lacks WinVerifyTrust]
1418dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1419dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1420dd4.9cc: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1421dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1422dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1423dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
1424dd4.9cc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume7\Windows\System32\glu32.dll)
1425dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\glu32.dll
1426dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1427dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1428dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1429dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1430dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1431dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [lacks WinVerifyTrust]
1432dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1433dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1434dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\advapi32.dll
1435dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1436dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1437dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll
1438dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1439dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1440dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1441dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1442dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1443dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [lacks WinVerifyTrust]
1444dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1445dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1446dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll
1447dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1448dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume7\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1449dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1450dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1451dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1452dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [lacks WinVerifyTrust]
1453dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1454dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1455dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1456dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1457dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1458dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1459dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1460dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1461dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1462dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1463dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1464dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1465dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1466dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1467dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
1468dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1469dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1470dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll
1471dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1472dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1473dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
1474dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1475dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1476dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1477dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1478dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1479dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1480dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1481dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1482dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1483dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1484dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1485dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [lacks WinVerifyTrust]
1486dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1487dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1488dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1489dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1490dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1491dd4.9cc: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
1492dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1493dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1494dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
1495dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1496dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1497dd4.9cc: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
1498dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1499dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1500dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll
1501dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1502dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1503dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
1504dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1505dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1506dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1507dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1508dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1509dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1510dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1511dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1512dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1513dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1514dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1515dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1516dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1517dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1518dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1519dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1520dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
1521dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\UICommon.dll
1522dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1523dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume7\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1524dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1525dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000048c pwszName=\Device\HarddiskVolume7\Windows\System32\opengl32.dll
1526dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
1527dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
1528dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F9EA7A084F8D34EE062D8C0EF5D96EF865883D56
1529dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1530dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1531dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1532dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1533dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
1534dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1535dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1536dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ole32.dll
1537dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1538dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1539dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\advapi32.dll
1540dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1541dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1542dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [lacks WinVerifyTrust]
1543dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1544dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1545dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
1546dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1547dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1548dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1549dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1550dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1551dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1552dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1553dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1554dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1555dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1556dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
1557dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
1558dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpenGL-Package~31bf3856ad364e35~amd64~~10.0.17763.1.cat'; file='\Device\HarddiskVolume7\Windows\System32\opengl32.dll'
1559dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1560dd4.9cc: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\opengl32.dll'
1561dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1562dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1563dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\opengl32.dll
1564dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\UICommon.dll
1565dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1566dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1567dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1568dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1569dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmm.dll
1570dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1571dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1572dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1573dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb93890000 LB 0x00020000 C:\Windows\System32\win32u.dll [fFlags=0x0]
1574dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
1575dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb938b0000 LB 0x000a0000 C:\Windows\System32\msvcp_win.dll [fFlags=0x0]
1576dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
1577dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94770000 LB 0x0019c000 C:\Windows\System32\gdi32full.dll [fFlags=0x0]
1578dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1579dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
1580dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
1581dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
1582dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\gdi32full.dll)
1583dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\gdi32full.dll
1584dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb974b0000 LB 0x00029000 C:\Windows\System32\GDI32.dll [fFlags=0x0]
1585dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
1586dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb97630000 LB 0x00197000 C:\Windows\System32\USER32.dll [fFlags=0x0]
1587dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [avoiding WinVerifyTrust]
1588dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb85150000 LB 0x0002c000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
1589dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1590dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb7e7c0000 LB 0x00127000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
1591dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\opengl32.dll
1592dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb940a0000 LB 0x0004a000 C:\Windows\System32\cfgmgr32.dll [fFlags=0x0]
1593dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll)
1594dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll
1595dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94b10000 LB 0x0032d000 C:\Windows\System32\combase.dll [fFlags=0x0]
1596dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\combase.dll [avoiding WinVerifyTrust]
1597dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb96d40000 LB 0x000a8000 C:\Windows\System32\shcore.dll [fFlags=0x0]
1598dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1599dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'.
1600dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
1601dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\SHCore.dll)
1602dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\SHCore.dll
1603dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb937c0000 LB 0x0005d000 C:\Windows\System32\powrprof.dll [fFlags=0x0]
1604dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
1605dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\powrprof.dll)
1606dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\powrprof.dll
1607dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb96880000 LB 0x00052000 C:\Windows\System32\shlwapi.dll [fFlags=0x0]
1608dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1609dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
1610dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
1611dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\shlwapi.dll)
1612dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\shlwapi.dll
1613dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb93850000 LB 0x00011000 C:\Windows\System32\kernel.appcore.dll [fFlags=0x0]
1614dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
1615dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
1616dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll)
1617dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll
1618dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb93950000 LB 0x00748000 C:\Windows\System32\windows.storage.dll [fFlags=0x0]
1619dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'combase.dll'.
1620dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'msvcp_win.dll'.
1621dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'.
1622dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'.
1623dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\windows.storage.dll)
1624dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\windows.storage.dll
1625dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb95320000 LB 0x014f9000 C:\Windows\System32\SHELL32.dll [fFlags=0x0]
1626dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
1627dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb972a0000 LB 0x00156000 C:\Windows\System32\ole32.dll [fFlags=0x0]
1628dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ole32.dll
1629dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb7c0c0000 LB 0x0001b000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0]
1630dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1631dd4.9cc: supR3HardenedDllNotificationCallback: load 00000000779b0000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1632dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1633dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb6cd40000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1634dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1635dd4.9cc: supR3HardenedDllNotificationCallback: load 00000000773a0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1636dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1637dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb96a10000 LB 0x000c4000 C:\Windows\System32\OLEAUT32.dll [fFlags=0x0]
1638dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
1639dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb6d340000 LB 0x02320000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
1640dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\UICommon.dll
1641dd4.9cc: supR3HardenedDllNotificationCallback: load 0000000050010000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
1642dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1643dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb91340000 LB 0x0002d000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
1644dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1645dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb91370000 LB 0x00024000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
1646dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmm.dll
1647dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb7ea90000 LB 0x001c9000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
1648dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1649dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1650dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1651dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1652dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1653dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
1654dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
1655dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
1656dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
1657dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
1658dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
1659dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
1660dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
1661dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
1662dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
1663dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1664dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
1665dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1666dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
1667dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1668dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
1669dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1670dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1671dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1672dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
1673dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1674dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
1675dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1676dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
1677dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1678dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
1679dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1680dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
1681dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1682dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
1683dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll
1684dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
1685dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume7\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
1686dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\profapi.dll
1687dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1688dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1689dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1690dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1691dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1692dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1693dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll
1694dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1695dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1696dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\combase.dll [redoing WinVerifyTrust]
1697dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1698dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\combase.dll
1699dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1700dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1701dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1702dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1703dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1704dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1705dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [redoing WinVerifyTrust]
1706dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1707dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\user32.dll
1708dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1709dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1710dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1711dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1712dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\gdi32.dll
1713dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1714dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1715dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1716dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1717dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1718dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1719dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\combase.dll [redoing WinVerifyTrust]
1720dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1721dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\combase.dll
1722dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1723dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1724dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1725dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1726dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1727dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1728dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\win32u.dll [redoing WinVerifyTrust]
1729dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1730dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\win32u.dll
1731dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1732dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1733dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [redoing WinVerifyTrust]
1734dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1735dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\user32.dll
1736dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1737dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1738dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1739dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1740dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\gdi32.dll
1741dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1742dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1743dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1744dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1745dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll
1746dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1747dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\kernel32.dll'
1748dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1749dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1750dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1751dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1752dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
1753dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
1754dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
1755dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
1756dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
1757dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
1758dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
1759dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
1760dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
1761dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
1762dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1763dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
1764dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1765dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
1766dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1767dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
1768dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1769dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1770dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1771dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
1772dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1773dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
1774dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1775dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
1776dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1777dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
1778dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1779dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
1780dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1781dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
1782dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1783dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1784dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1785dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1786dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
1787dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
1788dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
1789dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
1790dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
1791dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
1792dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
1793dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
1794dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
1795dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
1796dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1797dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
1798dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1799dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
1800dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1801dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
1802dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1803dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1804dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1805dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
1806dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1807dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
1808dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1809dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
1810dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1811dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
1812dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1813dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
1814dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1815dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
1816dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
1817dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1818dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-string-l1-1-0'
1819dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1820dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1821dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1822dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1823dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
1824dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
1825dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
1826dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
1827dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
1828dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
1829dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
1830dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
1831dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
1832dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
1833dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1834dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
1835dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1836dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
1837dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1838dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
1839dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1840dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1841dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1842dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
1843dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1844dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
1845dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1846dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
1847dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1848dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
1849dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1850dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
1851dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1852dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
1853dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1854dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1855dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1856dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1857dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
1858dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
1859dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
1860dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
1861dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
1862dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
1863dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
1864dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
1865dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
1866dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
1867dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1868dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
1869dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1870dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
1871dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1872dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
1873dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1874dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1875dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1876dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
1877dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1878dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
1879dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1880dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
1881dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1882dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
1883dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1884dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
1885dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1886dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
1887dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
1888dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1889dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-datetime-l1-1-1'
1890dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1891dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1892dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1893dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1894dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
1895dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
1896dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
1897dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
1898dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
1899dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
1900dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
1901dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
1902dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
1903dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
1904dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1905dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
1906dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1907dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
1908dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1909dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
1910dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1911dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1912dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1913dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
1914dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1915dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
1916dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1917dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
1918dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1919dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
1920dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1921dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
1922dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1923dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
1924dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1925dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1926dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1927dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1928dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
1929dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
1930dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
1931dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
1932dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
1933dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
1934dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
1935dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
1936dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
1937dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
1938dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1939dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
1940dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1941dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
1942dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1943dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
1944dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1945dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1946dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1947dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
1948dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1949dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
1950dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1951dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
1952dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1953dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
1954dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1955dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
1956dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1957dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
1958dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
1959dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1960dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-obsolete-l1-2-0'
1961dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1962dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1963dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1964dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1965dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
1966dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
1967dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
1968dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
1969dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
1970dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
1971dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
1972dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
1973dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
1974dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
1975dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
1976dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
1977dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
1978dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
1979dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
1980dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
1981dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1982dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1983dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
1984dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
1985dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
1986dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
1987dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
1988dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
1989dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
1990dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
1991dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
1992dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
1993dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
1994dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
1995dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
1996dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
1997dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
1998dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
1999dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
2000dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
2001dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
2002dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
2003dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
2004dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
2005dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
2006dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
2007dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
2008dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
2009dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
2010dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
2011dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
2012dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
2013dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
2014dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
2015dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2016dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2017dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
2018dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
2019dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
2020dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
2021dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
2022dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
2023dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
2024dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
2025dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
2026dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
2027dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
2028dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
2029dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\imm32.dll'.
2030dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
2031dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
2032dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\imm32.dll)
2033dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\imm32.dll
2034dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2035dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2036dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\win32u.dll [redoing WinVerifyTrust]
2037dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
2038dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\win32u.dll
2039dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2040dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2041dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll [redoing WinVerifyTrust]
2042dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
2043dd4.9cc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume7\Windows\System32\user32.dll
2044dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2045dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94ae0000 LB 0x0002e000 C:\Windows\System32\IMM32.DLL [fFlags=0x0]
2046dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
2047dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94ae0000 'C:\Windows\system32\IMM32.DLL'
2048dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\imm32.dll'.
2049dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\imm32.dll' [rescheduled]
2050dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
2051dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
2052dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
2053dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
2054dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
2055dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
2056dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
2057dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
2058dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
2059dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
2060dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
2061dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
2062dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
2063dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
2064dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
2065dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
2066dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
2067dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
2068dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
2069dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
2070dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2071dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2072dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
2073dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
2074dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
2075dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
2076dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
2077dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
2078dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
2079dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
2080dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
2081dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
2082dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
2083dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
2084dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\imm32.dll'.
2085dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\imm32.dll' [rescheduled]
2086dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
2087dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
2088dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
2089dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
2090dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
2091dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
2092dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
2093dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
2094dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
2095dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
2096dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
2097dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
2098dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
2099dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
2100dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
2101dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
2102dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
2103dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
2104dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
2105dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
2106dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2107dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2108dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
2109dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
2110dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
2111dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
2112dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
2113dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
2114dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
2115dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
2116dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
2117dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
2118dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
2119dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
2120dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\advapi32.dll
2121dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2122dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96ae0000 'C:\Windows\System32\ADVAPI32.DLL'
2123dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\imm32.dll'.
2124dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\imm32.dll' [rescheduled]
2125dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'.
2126dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll' [rescheduled]
2127dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'.
2128dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll' [rescheduled]
2129dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'.
2130dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rescheduled]
2131dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'.
2132dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll' [rescheduled]
2133dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'.
2134dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll' [rescheduled]
2135dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'.
2136dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rescheduled]
2137dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'.
2138dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll' [rescheduled]
2139dd4.9cc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume7\Windows\System32\glu32.dll'.
2140dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll' [rescheduled]
2141dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\mpr.dll'.
2142dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll' [rescheduled]
2143dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\shell32.dll'.
2144dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rescheduled]
2145dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2146dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2147dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\win32u.dll'.
2148dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rescheduled]
2149dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'.
2150dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rescheduled]
2151dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\user32.dll'.
2152dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rescheduled]
2153dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'.
2154dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rescheduled]
2155dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\combase.dll'.
2156dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rescheduled]
2157dd4.9cc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'.
2158dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll' [rescheduled]
2159dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7ea90000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
2160dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2161dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2162dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\imm32.dll'
2163dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2164dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2165dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\windows.storage.dll'
2166dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2167dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2168dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\kernel.appcore.dll'
2169dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2170dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2171dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll'
2172dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2173dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2174dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\powrprof.dll'
2175dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2176dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2177dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\SHCore.dll'
2178dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2179dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2180dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll'
2181dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2182dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2183dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\gdi32full.dll'
2184dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000490 pwszName=\Device\HarddiskVolume7\Windows\System32\glu32.dll
2185dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
2186dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
2187dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=45FF4C1DBC7AE18A1DA512455F13BC17EA659425
2188dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2189dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2190dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpenGL-Package~31bf3856ad364e35~amd64~~10.0.17763.1.cat'; file='\Device\HarddiskVolume7\Windows\System32\glu32.dll'
2191dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2192dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\glu32.dll'
2193dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2194dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2195dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\mpr.dll'
2196dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2197dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2198dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\shell32.dll'
2199dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2200dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2201dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
2202dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2203dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2204dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\win32u.dll'
2205dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2206dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2207dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\gdi32.dll'
2208dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2209dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2210dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\user32.dll'
2211dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2212dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll
2213dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2214dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2215dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll'
2216dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2217dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2218dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\combase.dll'
2219dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2220dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2221dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\winmmbase.dll'
2222dd4.9cc: SUPR3HardenedMain: Calling TrustedMain (00007ffb7ea916c0)...
2223dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2224dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2225dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
2226dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
2227dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2228dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
2229dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
2230dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2231dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
2232dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
2233dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
2234dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
2235dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
2236dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
2237dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2238dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2239dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2240dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2241dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2242dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2243dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2244dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2245dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2246dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2247dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2248dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\advapi32.dll
2249dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2250dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2251dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shell32.dll
2252dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2253dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2254dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
2255dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2256dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume7\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2257dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmm.dll
2258dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2259dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume7\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2260dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\imm32.dll
2261dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2262dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2263dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2264dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2265dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ole32.dll
2266dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2267dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2268dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2269dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2270dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb7e690000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
2271dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2272dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e690000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
2273dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000650 pwszName=\Device\HarddiskVolume7\Windows\System32\uxtheme.dll
2274dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
2275dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
2276dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2D45ED6F0D04171692F0C7B4BCCEB483F6CE47B0
2277dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rsaenh.dll
2278dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2279dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2280dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2281dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1423_for_KB5013941~31bf3856ad364e35~amd64~~10.0.1.6.cat'; file='\Device\HarddiskVolume7\Windows\System32\uxtheme.dll'
2282dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2283dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2284dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
2285dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
2286dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\uxtheme.dll) WinVerifyTrust
2287dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\uxtheme.dll
2288dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2289dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2290dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2291dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2292dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2293dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2294dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2295dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\uxtheme.dll
2296dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb91d10000 LB 0x0009c000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
2297dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\uxtheme.dll
2298dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb91d10000 'C:\Windows\system32\uxtheme.dll'
2299dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97630000 'C:\Windows\system32\user32.dll'
2300dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shell32.dll
2301dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2302dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb95320000 'C:\Windows\system32\shell32.dll'
2303dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\SHCore.dll
2304dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2305dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96d40000 'C:\Windows\system32\SHCore.dll'
2306dd4.9cc: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2307dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
2308dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2309dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'crypt32.dll'.
2310dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'cryptsp.dll'.
2311dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'.
2312dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'user32.dll'.
2313dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'gdi32.dll'.
2314dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\dwmapi.dll)
2315dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\dwmapi.dll
2316dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb92020000 LB 0x0002e000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
2317dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
2318dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2319dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2320dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2321dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2322dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\user32.dll
2323dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2324dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2325dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\win32u.dll
2326dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cryptsp.dll'...
2327dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cryptsp.dll' -> '\Device\HarddiskVolume7\Windows\System32\cryptsp.dll' [rcNtRedir=0xc0150008]
2328dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\cryptsp.dll
2329dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
2330dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume7\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
2331dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2332dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2333dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2334dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2335dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\dwmapi.dll'
2336dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmm.dll
2337dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2338dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb91370000 'C:\Windows\system32\winmm.dll'
2339dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmm.dll
2340dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2341dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb91370000 'C:\Windows\system32\winmm.dll'
2342dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shell32.dll
2343dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2344dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb95320000 'C:\Windows\system32\shell32.dll'
2345dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\uxtheme.dll
2346dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2347dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb91d10000 'C:\Windows\system32\uxtheme.dll'
2348dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\advapi32.dll
2349dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2350dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96ae0000 'C:\Windows\system32\advapi32.dll'
2351dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2352dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2353dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
2354dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'profapi.dll'.
2355dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\userenv.dll) WinVerifyTrust
2356dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\userenv.dll
2357dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
2358dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume7\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
2359dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\profapi.dll
2360dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2361dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2362dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll
2363dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2364dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\userenv.dll
2365dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb936f0000 LB 0x00029000 C:\Windows\system32\userenv.dll [fFlags=0x0]
2366dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\userenv.dll
2367dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb936f0000 'C:\Windows\system32\userenv.dll'
2368dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll
2369dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2370dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\kernel32.dll'
2371dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb94a30000 LB 0x000a2000 C:\Windows\System32\clbcatq.dll [fFlags=0x0]
2372dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2373dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
2374dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\clbcatq.dll)
2375dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\clbcatq.dll
2376dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2377dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2378dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2379dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2380dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2381dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2382dd4.74c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\clbcatq.dll'
2383dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2384dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2385dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2386dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2387dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2388dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2389dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2390dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2391dd4.74c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2392dd4.74c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxC.dll
2393dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2394dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2395dd4.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
2396dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2397dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2398dd4.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ole32.dll
2399dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2400dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2401dd4.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\advapi32.dll
2402dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2403dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2404dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2405dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2406dd4.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll
2407dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2408dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2409dd4.74c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2410dd4.74c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxC.dll
2411dd4.74c: supR3HardenedDllNotificationCallback: load 00007ffb71750000 LB 0x003c2000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2412dd4.74c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxC.dll
2413dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb71750000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2414dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2415dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2416dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2417dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2418dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2419dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
2420dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2421dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2422dd4.74c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2423dd4.74c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
2424dd4.74c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2425dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2426dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2427dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2428dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2429dd4.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
2430dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2431dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2432dd4.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ole32.dll
2433dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2434dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume7\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2435dd4.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shlwapi.dll
2436dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2437dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2438dd4.74c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\advapi32.dll
2439dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2440dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2441dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2442dd4.74c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2443dd4.74c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2444dd4.74c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2445dd4.74c: supR3HardenedDllNotificationCallback: load 00007ffb7e5a0000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
2446dd4.74c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2447dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7e5a0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
2448dd4.74c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
2449dd4.74c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2450dd4.74c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96a10000 'C:\Windows\System32\oleaut32.dll'
2451dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb974b0000 'C:\Windows\system32\gdi32.dll'
2452dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shell32.dll
2453dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2454dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb95320000 'C:\Windows\system32\shell32.dll'
2455dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2456dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2457dd4.9cc: '\Device\HarddiskVolume7\Windows\System32\ntdll.dll' has no imports
2458dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\ntdll.dll) WinVerifyTrust
2459dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\ntdll.dll
2460dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2461dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97800000 'C:\Windows\System32\ntdll.dll'
2462dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb96df0000 LB 0x0016b000 C:\Windows\System32\MSCTF.dll [fFlags=0x0]
2463dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2464dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'oleaut32.dll'.
2465dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'.
2466dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
2467dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'.
2468dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'.
2469dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\msctf.dll)
2470dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\msctf.dll
2471dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2472dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2473dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2474dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume7\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2475dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\imm32.dll
2476dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2477dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2478dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2479dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2480dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2481dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2482dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
2483dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2484dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2485dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll
2486dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2487dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2488dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\msctf.dll'
2489dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009b4 pwszName=\Device\HarddiskVolume7\Windows\System32\DataExchange.dll
2490dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
2491dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
2492dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F9D0938889A757F59F316E079661A1ECBD2A49CC
2493dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2494dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2495dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_481_for_KB5012647~31bf3856ad364e35~amd64~~10.0.1.3.cat'; file='\Device\HarddiskVolume7\Windows\System32\DataExchange.dll'
2496dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2497dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2498dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
2499dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'combase.dll'.
2500dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'd3d11.dll'.
2501dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'dcomp.dll'.
2502dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\DataExchange.dll) WinVerifyTrust
2503dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\DataExchange.dll
2504dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
2505dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume7\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
2506dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2507dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2508dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
2509dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
2510dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'oleaut32.dll'.
2511dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dxgi.dll'.
2512dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\dcomp.dll) WinVerifyTrust
2513dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\dcomp.dll
2514dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
2515dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume7\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
2516dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
2517dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume7\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
2518dd4.9cc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume7\Windows\System32\dxgi.dll'.
2519dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2520dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
2521dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\dxgi.dll)
2522dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\dxgi.dll
2523dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2524dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2525dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\oleaut32.dll
2526dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2527dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2528dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll
2529dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2530dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2531dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\win32u.dll
2532dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2533dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2534dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\win32u.dll
2535dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2536dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2537dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2538dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2539dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2540dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dxgi.dll'.
2541dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'win32u.dll'.
2542dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\d3d11.dll) WinVerifyTrust
2543dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\d3d11.dll
2544dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2545dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2546dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\combase.dll
2547dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
2548dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume7\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
2549dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\SHCore.dll
2550dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2551dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2552dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2553dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2554dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\win32u.dll
2555dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
2556dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume7\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
2557dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dxgi.dll [redoing WinVerifyTrust]
2558dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2559dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2560dd4.9cc: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\dxgi.dll'
2561dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2562dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2563dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2564dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DataExchange.dll
2565dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\d3d11.dll
2566dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dcomp.dll
2567dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dxgi.dll
2568dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb92560000 LB 0x000c2000 C:\Windows\system32\dxgi.dll [fFlags=0x0]
2569dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dxgi.dll
2570dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb90930000 LB 0x0027e000 C:\Windows\system32\d3d11.dll [fFlags=0x0]
2571dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\d3d11.dll
2572dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb91170000 LB 0x001c3000 C:\Windows\system32\dcomp.dll [fFlags=0x0]
2573dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dcomp.dll
2574dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb83440000 LB 0x00057000 C:\Windows\system32\dataexchange.dll [fFlags=0x0]
2575dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DataExchange.dll
2576dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\gdi32.dll
2577dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\gdi32.dll (Input=gdi32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2578dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb974b0000 'C:\Windows\System32\gdi32.dll'
2579dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb83440000 'C:\Windows\system32\dataexchange.dll'
2580dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'.
2581dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'rpcrt4.dll'.
2582dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
2583dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #49 'msvcp_win.dll'.
2584dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\twinapi.appcore.dll)
2585dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\twinapi.appcore.dll
2586dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2587dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
2588dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\rmclient.dll)
2589dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\rmclient.dll
2590dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb92050000 LB 0x00028000 C:\Windows\system32\RMCLIENT.dll [fFlags=0x0]
2591dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
2592dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb91e10000 LB 0x0020c000 C:\Windows\system32\twinapi.appcore.dll [fFlags=0x0]
2593dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
2594dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2595dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2596dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2597dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2598dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2599dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2600dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll
2601dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2602dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2603dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\combase.dll
2604dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2605dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2606dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
2607dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume7\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
2608dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
2609dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2610dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2611dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\rmclient.dll'
2612dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2613dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2614dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\twinapi.appcore.dll'
2615dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\SHCore.dll
2616dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2617dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96d40000 'C:\Windows\system32\Shcore.dll'
2618dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2619dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
2620dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'.
2621dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'.
2622dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\TextInputFramework.dll)
2623dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\TextInputFramework.dll
2624dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2625dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
2626dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'.
2627dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\CoreUIComponents.dll)
2628dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\CoreUIComponents.dll
2629dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2630dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
2631dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\CoreMessaging.dll)
2632dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\CoreMessaging.dll
2633dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\ntmarta.dll)
2634dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\ntmarta.dll
2635dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
2636dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
2637dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'bcryptprimitives.dll'.
2638dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\WinTypes.dll)
2639dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\WinTypes.dll
2640dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb927e0000 LB 0x00031000 C:\Windows\SYSTEM32\ntmarta.dll [fFlags=0x0]
2641dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
2642dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb913a0000 LB 0x000e1000 C:\Windows\System32\CoreMessaging.dll [fFlags=0x0]
2643dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
2644dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb8f8a0000 LB 0x00151000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
2645dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
2646dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb8f530000 LB 0x00322000 C:\Windows\System32\CoreUIComponents.dll [fFlags=0x0]
2647dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
2648dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb8da00000 LB 0x00093000 C:\Windows\System32\TextInputFramework.dll [fFlags=0x0]
2649dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
2650dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
2651dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
2652dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\bcryptprimitives.dll
2653dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2654dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2655dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2656dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume7\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2657dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\combase.dll
2658dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2659dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2660dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2661dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2662dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
2663dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume7\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
2664dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\SHCore.dll
2665dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
2666dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume7\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
2667dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
2668dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2669dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2670dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
2671dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume7\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
2672dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
2673dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
2674dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume7\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
2675dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
2676dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2677dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2678dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2679dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2680dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2681dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2682dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\WinTypes.dll'
2683dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2684dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2685dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\ntmarta.dll'
2686dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2687dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2688dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\CoreMessaging.dll'
2689dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2690dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2691dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\CoreUIComponents.dll'
2692dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2693dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2694dd4.9cc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\TextInputFramework.dll'
2695dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
2696dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2697dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97630000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
2698dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
2699dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2700dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97630000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
2701dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
2702dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2703dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94b10000 'api-ms-win-core-com-l1-1-0.dll'
2704dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msctf.dll
2705dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2706dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96df0000 'C:\Windows\System32\MSCTF.dll'
2707dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ole32.dll
2708dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2709dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb972a0000 'C:\Windows\System32\ole32.dll'
2710dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96a10000 'C:\Windows\System32\OLEAUT32.dll'
2711dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b00 pwszName=\Device\HarddiskVolume7\Windows\System32\wbem\wbemprox.dll
2712dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
2713dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
2714dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=61B08AF50BF6163BDE34EB0C9B6605297BA2441A
2715dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2716dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2717dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4010_for_KB5012636~31bf3856ad364e35~amd64~~10.0.1.7.cat'; file='\Device\HarddiskVolume7\Windows\System32\wbem\wbemprox.dll'
2718dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2719dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2720dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
2721dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
2722dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2723dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\wbem\wbemprox.dll
2724dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2725dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume7\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2726dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000aa8 pwszName=\Device\HarddiskVolume7\Windows\System32\wbemcomn.dll
2727dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
2728dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
2729dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A100CB0C932CFE687A34B13A372B57561F2C3C63
2730dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2731dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2732dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4010_for_KB5012636~31bf3856ad364e35~amd64~~10.0.1.7.cat'; file='\Device\HarddiskVolume7\Windows\System32\wbemcomn.dll'
2733dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2734dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2735dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'bcrypt.dll'.
2736dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'.
2737dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\wbemcomn.dll) WinVerifyTrust
2738dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\wbemcomn.dll
2739dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2740dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2741dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
2742dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2743dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2744dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2745dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2746dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
2747dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
2748dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume7\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
2749dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\bcrypt.dll
2750dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2751dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2752dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2753dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbem\wbemprox.dll
2754dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbemcomn.dll
2755dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb85440000 LB 0x0008d000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
2756dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbemcomn.dll
2757dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb8b420000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2758dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbem\wbemprox.dll
2759dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
2760dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2761dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2762dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8b420000 'C:\Windows\system32\wbem\wbemprox.dll'
2763dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b30 pwszName=\Device\HarddiskVolume7\Windows\System32\wbem\wbemsvc.dll
2764dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
2765dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
2766dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2479751D59078C3499423233D67A94D93457E663
2767dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2768dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2769dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_4010_for_KB5012636~31bf3856ad364e35~amd64~~10.0.1.7.cat'; file='\Device\HarddiskVolume7\Windows\System32\wbem\wbemsvc.dll'
2770dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2771dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2772dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2773dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2774dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\wbem\wbemsvc.dll
2775dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2776dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2777dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2778dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2779dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2780dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbem\wbemsvc.dll
2781dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb84990000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2782dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbem\wbemsvc.dll
2783dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb84990000 'C:\Windows\system32\wbem\wbemsvc.dll'
2784dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
2785dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2786dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-l1-2-0.dll'
2787dd4.9cc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
2788dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2789dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
2790dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b88 pwszName=\Device\HarddiskVolume7\Windows\System32\wbem\fastprox.dll
2791dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
2792dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
2793dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5D738E4890595C8890290239456518F354997BFD
2794dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2795dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2796dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Server-Features-Package019~31bf3856ad364e35~amd64~~10.0.17763.1.cat'; file='\Device\HarddiskVolume7\Windows\System32\wbem\fastprox.dll'
2797dd4.9cc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2798dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2799dd4.9cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'wbemcomn.dll'.
2800dd4.9cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2801dd4.9cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\wbem\fastprox.dll
2802dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2803dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume7\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2804dd4.9cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbemcomn.dll
2805dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2806dd4.9cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2807dd4.9cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2808dd4.9cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbem\fastprox.dll
2809dd4.9cc: supR3HardenedDllNotificationCallback: load 00007ffb849b0000 LB 0x000f1000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
2810dd4.9cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wbem\fastprox.dll
2811dd4.9cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb849b0000 'C:\Windows\system32\wbem\fastprox.dll'
2812dd4.4e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2813dd4.4e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2814dd4.4e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2815dd4.4e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2816dd4.4e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
2817dd4.4e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2818dd4.4e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2819dd4.4e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2820dd4.4e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2821dd4.4e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2822dd4.4e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2823dd4.4e8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2824dd4.4e8: supR3HardenedDllNotificationCallback: load 00007ffb7b170000 LB 0x0037e000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
2825dd4.4e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2826dd4.4e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7b170000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2827dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb972a0000 'C:\Windows\system32\ole32.dll'
2828dd4.183c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb972a0000 'C:\Windows\system32\ole32.dll'
2829dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2830dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2831dd4.12ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2832dd4.12ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2833dd4.12ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2834dd4.12ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2835dd4.12ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
2836dd4.12ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
2837dd4.12ec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
2838dd4.12ec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
2839dd4.12ec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2840dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2841dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2842dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2843dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2844dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2845dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2846dd4.12ec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2847dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2848dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2849dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2850dd4.12ec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2851dd4.12ec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2852dd4.12ec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2853dd4.12ec: supR3HardenedDllNotificationCallback: load 00007ffb85370000 LB 0x00010000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
2854dd4.12ec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2855dd4.12ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb85370000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
2856dd4.14a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2857dd4.14a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2858dd4.14a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2859dd4.14a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2860dd4.14a8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2861dd4.14a8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
2862dd4.14a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2863dd4.14a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2864dd4.14a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2865dd4.14a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2866dd4.14a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2867dd4.14a8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2868dd4.14a8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2869dd4.14a8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2870dd4.14a8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2871dd4.14a8: supR3HardenedDllNotificationCallback: load 00007ffb84650000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
2872dd4.14a8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2873dd4.14a8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb84650000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
2874dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\shell32.dll
2875dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2876dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb95320000 'C:\Windows\system32\Shell32.dll'
2877dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2878dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2879dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2880dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2881dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2882dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2883dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2884dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
2885dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
2886dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2887dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
2888dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
2889dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
2890dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
2891dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
2892dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD.dll
2893dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
2894dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume7\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
2895dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2896dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2897dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
2898dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
2899dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\IPHLPAPI.DLL
2900dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2901dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2902dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2903dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2904dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
2905dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2906dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume7\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2907dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2908dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2909dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2910dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2911dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2912dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
2913dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'cfgmgr32.dll'.
2914dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'bcrypt.dll'.
2915dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\setupapi.dll) WinVerifyTrust
2916dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\setupapi.dll
2917dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2918dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2919dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
2920dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
2921dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
2922dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume7\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
2923dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\bcrypt.dll
2924dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
2925dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
2926dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll
2927dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2928dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2929dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2930dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2931dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2932dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2933dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2934dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2935dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
2936dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2937dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
2938dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
2939dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2940dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2941dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2942dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2943dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll
2944dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2945dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2946dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2947dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2948dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2949dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
2950dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2951dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
2952dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2953dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2954dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2955dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2956dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2957dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2958dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2959dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2960dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2961dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2962dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2963dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume7\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2964dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\setupapi.dll
2965dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2966dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2967dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2968dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2969dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2970dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2971dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2972dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD.dll
2973dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2974dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2975dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\IPHLPAPI.DLL
2976dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb94e40000 LB 0x0047c000 C:\Windows\System32\SETUPAPI.dll [fFlags=0x0]
2977dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\setupapi.dll
2978dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb7e530000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
2979dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2980dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb62e40000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
2981dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2982dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb92d20000 LB 0x0003e000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
2983dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\IPHLPAPI.DLL
2984dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb64dc0000 LB 0x00a04000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
2985dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD.dll
2986dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb64dc0000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
2987dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2988dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2989dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxC.dll
2990dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2991dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb71750000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
2992dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2993dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2994dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2995dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2996dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb62e40000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
2997dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
2998dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
2999dd4.11ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3000dd4.11ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3001dd4.11ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3002dd4.11ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3003dd4.11ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3004dd4.11ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
3005dd4.11ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3006dd4.11ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3007dd4.11ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3008dd4.11ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3009dd4.11ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3010dd4.11ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3011dd4.11ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3012dd4.11ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3013dd4.11ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3014dd4.11ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3015dd4.11ac: supR3HardenedDllNotificationCallback: load 00007ffb83570000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
3016dd4.11ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3017dd4.11ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb83570000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
3018dd4.e40: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3019dd4.e40: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3020dd4.e40: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3021dd4.e40: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3022dd4.e40: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3023dd4.e40: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3024dd4.e40: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
3025dd4.e40: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3026dd4.e40: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3027dd4.e40: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3028dd4.e40: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3029dd4.e40: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3030dd4.e40: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3031dd4.e40: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3032dd4.e40: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3033dd4.e40: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3034dd4.e40: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3035dd4.e40: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3036dd4.e40: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3037dd4.e40: supR3HardenedDllNotificationCallback: load 00007ffb83560000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
3038dd4.e40: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3039dd4.e40: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb83560000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
3040dd4.6e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3041dd4.6e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3042dd4.6e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3043dd4.6e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3044dd4.6e8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3045dd4.6e8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
3046dd4.6e8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3047dd4.6e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3048dd4.6e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3049dd4.6e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3050dd4.6e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3051dd4.6e8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3052dd4.6e8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3053dd4.6e8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3054dd4.6e8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3055dd4.6e8: supR3HardenedDllNotificationCallback: load 00007ffb82c40000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
3056dd4.6e8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3057dd4.6e8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb82c40000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
3058dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\IPHLPAPI.DLL
3059dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3060dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92d20000 'C:\Windows\system32\Iphlpapi.dll'
3061dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3062dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
3063dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\winnsi.dll)
3064dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\winnsi.dll
3065dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb970e0000 LB 0x00008000 C:\Windows\System32\NSI.dll [fFlags=0x0]
3066dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\nsi.dll)
3067dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\nsi.dll
3068dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb8ccd0000 LB 0x0000b000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
3069dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
3070dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3071dd4.ddc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume7\Windows\System32\dhcpcsvc6.dll)
3072dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\dhcpcsvc6.dll
3073dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb8bed0000 LB 0x00016000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
3074dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
3075dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3076dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
3077dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
3078dd4.ddc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume7\Windows\System32\dhcpcsvc.dll)
3079dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\dhcpcsvc.dll
3080dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb8cbe0000 LB 0x0001c000 C:\Windows\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
3081dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
3082dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'ws2_32.dll'.
3083dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'nsi.dll'.
3084dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\dnsapi.dll)
3085dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\dnsapi.dll
3086dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb92d60000 LB 0x000c6000 C:\Windows\SYSTEM32\DNSAPI.dll [fFlags=0x0]
3087dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dnsapi.dll [avoiding WinVerifyTrust]
3088dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3089dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume7\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3090dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\nsi.dll [lacks WinVerifyTrust]
3091dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3092dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3093dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
3094dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3095dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume7\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3096dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\nsi.dll [lacks WinVerifyTrust]
3097dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3098dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3099dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
3100dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3101dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3102dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3103dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3104dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3105dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume7\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3106dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\nsi.dll [lacks WinVerifyTrust]
3107dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3108dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3109dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3110dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3111dd4.ddc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\dnsapi.dll'
3112dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c04 pwszName=\Device\HarddiskVolume7\Windows\System32\dhcpcsvc.dll
3113dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
3114dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
3115dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AF9E4134AF31A27F62C436E5E03261742B0D90E9
3116dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3117dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3118dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1911_for_KB5012647~31bf3856ad364e35~amd64~~10.0.1.3.cat'; file='\Device\HarddiskVolume7\Windows\System32\dhcpcsvc.dll'
3119dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3120dd4.ddc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\dhcpcsvc.dll'
3121dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ca0 pwszName=\Device\HarddiskVolume7\Windows\System32\dhcpcsvc6.dll
3122dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
3123dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
3124dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=74B5949213F8BA7F7C3DC2C4BEA60943D6F4DC93
3125dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3126dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3127dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_1911_for_KB5012647~31bf3856ad364e35~amd64~~10.0.1.3.cat'; file='\Device\HarddiskVolume7\Windows\System32\dhcpcsvc6.dll'
3128dd4.ddc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3129dd4.ddc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\dhcpcsvc6.dll'
3130dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3131dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3132dd4.ddc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\nsi.dll'
3133dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3134dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3135dd4.ddc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\winnsi.dll'
3136dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3137dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3138dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
3139dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'devobj.dll'.
3140dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'propsys.dll'.
3141dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\MMDevAPI.dll) WinVerifyTrust
3142dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\MMDevAPI.dll
3143dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'propsys.dll'...
3144dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'propsys.dll' -> '\Device\HarddiskVolume7\Windows\System32\propsys.dll' [rcNtRedir=0xc0150008]
3145dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3146dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3147dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3148dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'.
3149dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
3150dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\propsys.dll) WinVerifyTrust
3151dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\propsys.dll
3152dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
3153dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume7\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
3154dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3155dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3156dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3157dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3158dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3159dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3160dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3161dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3162dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
3163dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\devobj.dll) WinVerifyTrust
3164dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\devobj.dll
3165dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3166dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3167dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3168dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3169dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\cfgmgr32.dll
3170dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3171dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\MMDevAPI.dll
3172dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\devobj.dll
3173dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\propsys.dll
3174dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb935e0000 LB 0x00029000 C:\Windows\System32\DEVOBJ.dll [fFlags=0x0]
3175dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\devobj.dll
3176dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb8fa00000 LB 0x001a9000 C:\Windows\System32\PROPSYS.dll [fFlags=0x0]
3177dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\propsys.dll
3178dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb858d0000 LB 0x00070000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
3179dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\MMDevAPI.dll
3180dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb858d0000 'C:\Windows\System32\MMDevApi.dll'
3181dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\MMDevAPI.dll
3182dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3183dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb858d0000 'C:\Windows\System32\MMDEVAPI.DLL'
3184dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3185dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3186dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3187dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
3188dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
3189dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'gdi32.dll'.
3190dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'dwmapi.dll'.
3191dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\d3d9.dll) WinVerifyTrust
3192dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\d3d9.dll
3193dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dwmapi.dll'...
3194dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dwmapi.dll' -> '\Device\HarddiskVolume7\Windows\System32\dwmapi.dll' [rcNtRedir=0xc0150008]
3195dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dwmapi.dll
3196dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3197dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3198dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
3199dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume7\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
3200dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3201dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3202dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3203dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3204dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3205dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\d3d9.dll
3206dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb7feb0000 LB 0x0019e000 C:\Windows\system32\d3d9.dll [fFlags=0x0]
3207dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\d3d9.dll
3208dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7feb0000 'C:\Windows\system32\d3d9.dll'
3209dd4.ddc: \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll: Owner is administrators group.
3210dd4.ddc: \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0x61ae9545; retrying against current time: 0x628f4544.
3211dd4.ddc: \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME (-23033) w/ timestamp=0x628f4544/now.
3212dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3213dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3214dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'version.dll'.
3215dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'user32.dll'.
3216dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll) WinVerifyTrust
3217dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3218dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3219dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3220dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
3221dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume7\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
3222dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3223dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3224dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3225dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\version.dll) WinVerifyTrust
3226dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\version.dll
3227dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3228dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3229dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3230dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3231dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\version.dll
3232dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb8d300000 LB 0x0000a000 C:\Windows\SYSTEM32\VERSION.dll [fFlags=0x0]
3233dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\version.dll
3234dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb8d360000 LB 0x00106000 C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll [fFlags=0x0]
3235dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3236dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3237dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3238dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3239dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3240dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3241dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3242dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3243dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3244dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3245dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3246dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3247dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3248dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3249dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3250dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-l1-2-1'
3251dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll
3252dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3253dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\kernel32.dll'
3254dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8d360000 'C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll'
3255dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msasn1.dll
3256dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msasn1.dll (Input=msasn1.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3257dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb93870000 'C:\Windows\System32\msasn1.dll'
3258dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
3259dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3260dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3261dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3262dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\drvstore.dll) WinVerifyTrust
3263dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\drvstore.dll
3264dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3265dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3266dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcrt.dll
3267dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\drvstore.dll (Input=drvstore.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3268dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\drvstore.dll
3269dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb8c8c0000 LB 0x00133000 C:\Windows\System32\drvstore.dll [fFlags=0x0]
3270dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\drvstore.dll
3271dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8c8c0000 'C:\Windows\System32\drvstore.dll'
3272dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\devobj.dll
3273dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\devobj.dll (Input=devobj.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3274dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb935e0000 'C:\Windows\System32\devobj.dll'
3275dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3276dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3277dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3278dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'crypt32.dll'.
3279dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'wintrust.dll'.
3280dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\wldp.dll) WinVerifyTrust
3281dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\wldp.dll
3282dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wintrust.dll'...
3283dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wintrust.dll' -> '\Device\HarddiskVolume7\Windows\System32\wintrust.dll' [rcNtRedir=0xc0150008]
3284dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wintrust.dll
3285dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
3286dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume7\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
3287dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3288dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3289dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wldp.dll (Input=wldp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3290dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wldp.dll
3291dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb93270000 LB 0x00025000 C:\Windows\System32\wldp.dll [fFlags=0x0]
3292dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wldp.dll
3293dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb93270000 'C:\Windows\System32\wldp.dll'
3294dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\cryptbase.dll
3295dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3296dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb931e0000 'C:\Windows\System32\cryptbase.dll'
3297dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3298dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wintrust.dll
3299dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wintrust.dll (Input=wintrust.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3300dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94640000 'C:\Windows\System32\wintrust.dll'
3301dd4.ddc: \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll: Owner is administrators group.
3302dd4.ddc: \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME for 0x61ae95c2; retrying against current time: 0x628f4544.
3303dd4.ddc: \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll: Signature #1/2: VERR_CR_X509_CPV_NOT_VALID_AT_TIME (-23033) w/ timestamp=0x628f4544/now.
3304dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3305dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3306dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'version.dll'.
3307dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
3308dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
3309dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
3310dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
3311dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll) WinVerifyTrust
3312dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll
3313dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3314dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume7\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3315dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmm.dll
3316dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
3317dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
3318dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3319dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3320dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3321dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume7\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3322dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
3323dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume7\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
3324dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\version.dll
3325dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3326dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll
3327dd4.ddc: supR3HardenedDllNotificationCallback: load 00007ffb61580000 LB 0x018b1000 C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll [fFlags=0x0]
3328dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll
3329dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3330dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3331dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3332dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3333dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3334dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3335dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3336dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3337dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3338dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3339dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3340dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3341dd4.ddc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3342dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3343dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-l1-2-1'
3344dd4.ddc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll
3345dd4.ddc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3346dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\kernel32.dll'
3347dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb61580000 'C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll'
3348dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3349dd4.ddc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'dxgi.dll'.
3350dd4.ddc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\D3D12.dll)
3351dd4.ddc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3352dd4.ddc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001130 (hFile=0000000000001110) with 0xc0000022 -> STATUS_TRUST_FAILURE
3353dd4.ddc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll [avoiding WinVerifyTrust]
3354dd4.ddc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001110 (hFile=0000000000001130) with 0xc0000022 -> STATUS_TRUST_FAILURE
3355dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
3356dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume7\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
3357dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\dxgi.dll
3358dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3359dd4.ddc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3360dd4.ddc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll
3361dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3362dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3363dd4.ddc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\D3D12.dll'
3364dd4.ddc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb974b0000 'C:\Windows\System32\gdi32.dll'
3365dd4.e24: '\Device\HarddiskVolume7\Windows\System32\tzres.dll' has no imports
3366dd4.e24: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume7\Windows\System32\tzres.dll)
3367dd4.e24: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\tzres.dll
3368dd4.e24: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001154 (hFile=0000000000001120) with 0xc0000022 -> STATUS_TRUST_FAILURE
3369dd4.e24: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume7\Windows\System32\tzres.dll [avoiding WinVerifyTrust]
3370dd4.e24: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001120 (hFile=0000000000001154) with 0xc0000022 -> STATUS_TRUST_FAILURE
3371dd4.af4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001130 pwszName=\Device\HarddiskVolume7\Windows\System32\tzres.dll
3372dd4.af4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000124c420
3373dd4.af4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000124c420
3374dd4.af4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wintrust.dll
3375dd4.af4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3376dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94640000 'C:\Windows\System32\WINTRUST.DLL'
3377dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\CRYPT32.dll'
3378dd4.af4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AF8814E8FDFD822911F87A1B2734227D54081CCE
3379dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3380dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3381dd4.af4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_688_for_KB5012647~31bf3856ad364e35~amd64~~10.0.1.3.cat'; file='\Device\HarddiskVolume7\Windows\System32\tzres.dll'
3382dd4.af4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3383dd4.af4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\tzres.dll'
3384dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3385dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3386dd4.af4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3387dd4.af4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
3388dd4.af4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
3389dd4.af4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'mmdevapi.dll'.
3390dd4.af4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'avrt.dll'.
3391dd4.af4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\AudioSes.dll) WinVerifyTrust
3392dd4.af4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\AudioSes.dll
3393dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
3394dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
3395dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3396dd4.af4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\crypt32.dll
3397dd4.af4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3398dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3399dd4.af4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\avrt.dll) WinVerifyTrust
3400dd4.af4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\avrt.dll
3401dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3402dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume7\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3403dd4.af4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\MMDevAPI.dll
3404dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3405dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume7\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3406dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3407dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3408dd4.af4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\rpcrt4.dll
3409dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3410dd4.af4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3411dd4.af4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msvcp_win.dll
3412dd4.af4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3413dd4.af4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\AudioSes.dll
3414dd4.af4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\avrt.dll
3415dd4.af4: supR3HardenedDllNotificationCallback: load 00007ffb8efa0000 LB 0x0000a000 C:\Windows\SYSTEM32\AVRT.dll [fFlags=0x0]
3416dd4.af4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\avrt.dll
3417dd4.af4: supR3HardenedDllNotificationCallback: load 00007ffb8e790000 LB 0x0014a000 C:\Windows\System32\AUDIOSES.DLL [fFlags=0x0]
3418dd4.af4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\AudioSes.dll
3419dd4.af4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8e790000 'C:\Windows\System32\AUDIOSES.DLL'
3420dd4.e24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3421dd4.e24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3422dd4.e24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ws2_32.dll'.
3423dd4.e24: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
3424dd4.e24: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\mswsock.dll) WinVerifyTrust
3425dd4.e24: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\mswsock.dll
3426dd4.e24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3427dd4.e24: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3428dd4.e24: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3429dd4.e24: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume7\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3430dd4.e24: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ws2_32.dll
3431dd4.e24: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3432dd4.e24: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\mswsock.dll
3433dd4.e24: supR3HardenedDllNotificationCallback: load 00007ffb93010000 LB 0x00067000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
3434dd4.e24: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\mswsock.dll
3435dd4.e24: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb93010000 'C:\Windows\system32\mswsock.dll'
3436dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3437dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3438dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8d360000 'C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll'
3439dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3440dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000978 (hFile=0000000000001310) with 0xc0000022 -> STATUS_TRUST_FAILURE
3441dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3442dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001310 (hFile=0000000000000978) with 0xc0000022 -> STATUS_TRUST_FAILURE
3443dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-core-resourcepolicy-l1-1-0.dll) -> 0x0, fPresent=1
3444dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-core-resourcepolicy-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3445dd4.e7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3446dd4.e7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
3447dd4.e7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Windows\System32\ResourcePolicyClient.dll)
3448dd4.e7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Windows\System32\ResourcePolicyClient.dll
3449dd4.e7c: supR3HardenedDllNotificationCallback: load 00007ffb92080000 LB 0x00014000 C:\Windows\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
3450dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
3451dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92080000 'ext-ms-win-core-resourcepolicy-l1-1-0.dll'
3452dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3453dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume7\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3454dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3455dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume7\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3456dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3457dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wintrust.dll
3458dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3459dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94640000 'C:\Windows\System32\WINTRUST.DLL'
3460dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\CRYPT32.dll'
3461dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3462dd4.e7c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume7\Windows\System32\ResourcePolicyClient.dll'
3463dd4.e7c: supR3HardenedDllNotificationCallback: Unload 00007ffb92080000 LB 0x00014000 C:\Windows\SYSTEM32\resourcepolicyclient.dll [flags=0x0]
3464dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3465dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3466dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8d360000 'C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll'
3467dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3468dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000010b0 (hFile=0000000000001310) with 0xc0000022 -> STATUS_TRUST_FAILURE
3469dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3470dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001310 (hFile=00000000000010b0) with 0xc0000022 -> STATUS_TRUST_FAILURE
3471dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97630000 'C:\Windows\system32\user32.dll'
3472dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmm.dll
3473dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3474dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb91370000 'C:\Windows\System32\winmm.dll'
3475dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3476dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000013e4 (hFile=0000000000000908) with 0xc0000022 -> STATUS_TRUST_FAILURE
3477dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3478dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000908 (hFile=00000000000013e4) with 0xc0000022 -> STATUS_TRUST_FAILURE
3479dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\msasn1.dll
3480dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\msasn1.dll (Input=msasn1.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3481dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb93870000 'C:\Windows\System32\msasn1.dll'
3482dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\cryptnet.dll
3483dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3484dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
3485dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\drvstore.dll
3486dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\drvstore.dll (Input=drvstore.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3487dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8c8c0000 'C:\Windows\System32\drvstore.dll'
3488dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\devobj.dll
3489dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\devobj.dll (Input=devobj.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3490dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb935e0000 'C:\Windows\System32\devobj.dll'
3491dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\wldp.dll
3492dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wldp.dll (Input=wldp.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3493dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb93270000 'C:\Windows\System32\wldp.dll'
3494dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\cryptbase.dll
3495dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptbase.dll (Input=cryptbase.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3496dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb931e0000 'C:\Windows\System32\cryptbase.dll'
3497dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb95320000 'C:\Windows\System32\Shell32.dll'
3498dd4.e7c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
3499dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
3500dd4.e7c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
3501dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
3502dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3503dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94640000 'C:\Windows\System32\wintrust.dll'
3504dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3505dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3506dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8cc00000 'C:\Windows\System32\cryptnet.dll'
3507dd4.e7c: \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll: Owner is administrators group.
3508dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3509dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3510dd4.e7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
3511dd4.e7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
3512dd4.e7c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'version.dll'.
3513dd4.e7c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll) WinVerifyTrust
3514dd4.e7c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3515dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
3516dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume7\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
3517dd4.e7c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\version.dll
3518dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
3519dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume7\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
3520dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3521dd4.e7c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume7\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3522dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3523dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3524dd4.e7c: supR3HardenedDllNotificationCallback: load 00007ffb7c010000 LB 0x000ae000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll [fFlags=0x0]
3525dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3526dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3527dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3528dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3529dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3530dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3531dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3532dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3533dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3534dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3535dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3536dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3537dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3538dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3539dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3540dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-l1-2-1'
3541dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll
3542dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3543dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\kernel32.dll'
3544dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7c010000 'C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll'
3545dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
3546dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3547dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-string-l1-1-0'
3548dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
3549dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3550dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-datetime-l1-1-1'
3551dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
3552dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3553dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-obsolete-l1-2-0'
3554dd4.e7c: supR3HardenedDllNotificationCallback: Unload 00007ffb7c010000 LB 0x000ae000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll [flags=0x0]
3555dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\d3d9.dll
3556dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3557dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7feb0000 'C:\Windows\system32\d3d9.dll'
3558dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3559dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3560dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8d360000 'C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll'
3561dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3562dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001164 (hFile=000000000000128c) with 0xc0000022 -> STATUS_TRUST_FAILURE
3563dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000128c (hFile=0000000000001164) with 0xc0000022 -> STATUS_TRUST_FAILURE
3564dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3565dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3566dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8d360000 'C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll'
3567dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001310 (hFile=0000000000000908) with 0xc0000022 -> STATUS_TRUST_FAILURE
3568dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000908 (hFile=0000000000001310) with 0xc0000022 -> STATUS_TRUST_FAILURE
3569dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97630000 'C:\Windows\system32\user32.dll'
3570dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\winmm.dll
3571dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3572dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb91370000 'C:\Windows\System32\winmm.dll'
3573dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001238 (hFile=0000000000001388) with 0xc0000022 -> STATUS_TRUST_FAILURE
3574dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001388 (hFile=0000000000001238) with 0xc0000022 -> STATUS_TRUST_FAILURE
3575dd4.e7c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
3576dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
3577dd4.e7c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
3578dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
3579dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3580dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3581dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3582dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3583dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3584dd4.e7c: supR3HardenedDllNotificationCallback: load 00007ffb7c010000 LB 0x000ae000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll [fFlags=0x0]
3585dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3586dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3587dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3588dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3589dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3590dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3591dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3592dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3593dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3594dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3595dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3596dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3597dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3598dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3599dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3600dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-l1-2-1'
3601dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\kernel32.dll
3602dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3603dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\kernel32.dll'
3604dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7c010000 'C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll'
3605dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
3606dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3607dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-string-l1-1-0'
3608dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
3609dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3610dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-datetime-l1-1-1'
3611dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
3612dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3613dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-obsolete-l1-2-0'
3614dd4.e7c: supR3HardenedDllNotificationCallback: Unload 00007ffb7c010000 LB 0x000ae000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll [flags=0x0]
3615dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\d3d9.dll
3616dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3617dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7feb0000 'C:\Windows\system32\d3d9.dll'
3618dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3619dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3620dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8d360000 'C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll'
3621dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001450 (hFile=000000000000144c) with 0xc0000022 -> STATUS_TRUST_FAILURE
3622dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000144c (hFile=0000000000001450) with 0xc0000022 -> STATUS_TRUST_FAILURE
3623dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll
3624dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3625dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb8d360000 'C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll'
3626dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\D3D12.dll
3627dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000908 (hFile=0000000000001388) with 0xc0000022 -> STATUS_TRUST_FAILURE
3628dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001388 (hFile=0000000000000908) with 0xc0000022 -> STATUS_TRUST_FAILURE
3629dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97630000 'C:\Windows\system32\user32.dll'
3630dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb91370000 'C:\Windows\System32\winmm.dll'
3631dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001458 (hFile=0000000000001454) with 0xc0000022 -> STATUS_TRUST_FAILURE
3632dd4.e7c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001454 (hFile=0000000000001458) with 0xc0000022 -> STATUS_TRUST_FAILURE
3633dd4.e7c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
3634dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
3635dd4.e7c: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\nvspcap64.dll': 0 (NtPath=\??\C:\Windows\system32\nvspcap64.dll; Input=C:\Windows\system32\nvspcap64.dll; rcNtGetDll=0x0
3636dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\nvspcap64.dll'
3637dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb92b90000 'C:\Windows\system32\rsaenh.dll'
3638dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb94440000 'C:\Windows\System32\crypt32.dll'
3639dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3640dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3641dd4.e7c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3642dd4.e7c: supR3HardenedDllNotificationCallback: load 00007ffb7c010000 LB 0x000ae000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll [fFlags=0x0]
3643dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll
3644dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3645dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3646dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3647dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3648dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3649dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3650dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3651dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3652dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-synch-l1-2-0'
3653dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3654dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3655dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-fibers-l1-1-1'
3656dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3657dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3658dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-l1-2-1'
3659dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb96c80000 'C:\Windows\System32\kernel32.dll'
3660dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7c010000 'C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll'
3661dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
3662dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3663dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-string-l1-1-0'
3664dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
3665dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3666dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-datetime-l1-1-1'
3667dd4.e7c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
3668dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3669dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb941a0000 'api-ms-win-core-localization-obsolete-l1-2-0'
3670dd4.e7c: supR3HardenedDllNotificationCallback: Unload 00007ffb7c010000 LB 0x000ae000 C:\Program Files\NVIDIA Corporation\Ansel\NvCameraAllowlisting64.dll [flags=0x0]
3671dd4.e7c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume7\Windows\System32\d3d9.dll
3672dd4.e7c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\d3d9.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3673dd4.e7c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb7feb0000 'C:\Windows\system32\d3d9.dll'
3674dd4.12ec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb97630000 'C:\Windows\system32\User32.dll'
3675dd4.6e8: supR3HardenedDllNotificationCallback: Unload 00007ffb82c40000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
3676dd4.e40: supR3HardenedDllNotificationCallback: Unload 00007ffb83560000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
3677dd4.11ac: supR3HardenedDllNotificationCallback: Unload 00007ffb83570000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
3678dd4.14a8: supR3HardenedDllNotificationCallback: Unload 00007ffb84650000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
3679dd4.12ec: supR3HardenedDllNotificationCallback: Unload 00007ffb85370000 LB 0x00010000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
3680dd4.e7c: supR3HardenedDllNotificationCallback: Unload 00007ffb61580000 LB 0x018b1000 C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvd3dumx.dll [flags=0x0]
3681dd4.e7c: supR3HardenedDllNotificationCallback: Unload 00007ffb8d360000 LB 0x00106000 C:\Windows\System32\DriverStore\FileRepository\nv_dispsi.inf_amd64_db8d3f1ff9f89487\nvldumdx.dll [flags=0x0]
3682dd4.e7c: supR3HardenedDllNotificationCallback: Unload 00007ffb8d300000 LB 0x0000a000 C:\Windows\SYSTEM32\VERSION.dll [flags=0x0]
3683dd4.ddc: supR3HardenedDllNotificationCallback: Unload 00007ffb64dc0000 LB 0x00a04000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [flags=0x0]
3684dd4.ddc: supR3HardenedDllNotificationCallback: Unload 00007ffb7e530000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [flags=0x0]
3685dd4.ddc: supR3HardenedDllNotificationCallback: Unload 00007ffb62e40000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [flags=0x0]
3686dd4.ddc: supR3HardenedDllNotificationCallback: Unload 00007ffb94e40000 LB 0x0047c000 C:\Windows\System32\SETUPAPI.dll [flags=0x0]
3687dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb84990000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [flags=0x0]
3688dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb8b420000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [flags=0x0]
3689dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb849b0000 LB 0x000f1000 C:\Windows\system32\wbem\fastprox.dll [flags=0x0]
3690dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb85440000 LB 0x0008d000 C:\Windows\SYSTEM32\wbemcomn.dll [flags=0x0]
3691dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb7e5a0000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [flags=0x0]
3692dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb83440000 LB 0x00057000 C:\Windows\system32\dataexchange.dll [flags=0x0]
3693dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb90930000 LB 0x0027e000 C:\Windows\system32\d3d11.dll [flags=0x0]
3694dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb91170000 LB 0x001c3000 C:\Windows\system32\dcomp.dll [flags=0x0]
3695dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb92560000 LB 0x000c2000 C:\Windows\system32\dxgi.dll [flags=0x0]
3696dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb91e10000 LB 0x0020c000 C:\Windows\system32\twinapi.appcore.dll [flags=0x0]
3697dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb92050000 LB 0x00028000 C:\Windows\system32\RMCLIENT.dll [flags=0x0]
3698dd4.9cc: supR3HardenedDllNotificationCallback: Unload 00007ffb71750000 LB 0x003c2000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0]
3699dd4.9cc: Terminating the normal way: rcExit=0
3700300.17c0: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1125534 ms, the end);
37011974.528: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1126085 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy