VirtualBox

Ticket #20969: VBoxHardening.log

File VBoxHardening.log, 183.7 KB (added by Murdoch, 2 years ago)

VBoxHardening Log

Line 
1370.4960: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000084 g_uNtVerCombined=0xa04a6300
2370.4960: \SystemRoot\System32\ntdll.dll:
3370.4960: CreationTime: 2022-05-13T09:37:24.962297600Z
4370.4960: LastWriteTime: 2022-05-13T09:37:25.011955800Z
5370.4960: ChangeTime: 2022-05-13T21:27:08.242392000Z
6370.4960: FileAttributes: 0x20
7370.4960: Size: 0x1eeb38
8370.4960: NT Headers: 0xe8
9370.4960: Timestamp: 0x7b5414ec
10370.4960: Machine: 0x8664 - amd64
11370.4960: Timestamp: 0x7b5414ec
12370.4960: Image Version: 10.0
13370.4960: SizeOfImage: 0x1f5000 (2052096)
14370.4960: Resource Dir: 0x184000 LB 0x6fff8
15370.4960: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16370.4960: [Raw version resource data: 0x1840f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17370.4960: ProductName: Microsoft® Windows® Operating System
18370.4960: ProductVersion: 10.0.19041.1682
19370.4960: FileVersion: 10.0.19041.1682 (WinBuild.160101.0800)
20370.4960: FileDescription: NT Layer DLL
21370.4960: \SystemRoot\System32\kernel32.dll:
22370.4960: CreationTime: 2022-05-13T09:37:16.157371700Z
23370.4960: LastWriteTime: 2022-05-13T09:37:16.176080300Z
24370.4960: ChangeTime: 2022-05-13T21:27:08.008042100Z
25370.4960: FileAttributes: 0x20
26370.4960: Size: 0xbb058
27370.4960: NT Headers: 0xe8
28370.4960: Timestamp: 0x4e5c27cf
29370.4960: Machine: 0x8664 - amd64
30370.4960: Timestamp: 0x4e5c27cf
31370.4960: Image Version: 10.0
32370.4960: SizeOfImage: 0xbd000 (774144)
33370.4960: Resource Dir: 0xbb000 LB 0x520
34370.4960: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35370.4960: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36370.4960: ProductName: Microsoft® Windows® Operating System
37370.4960: ProductVersion: 10.0.19041.1706
38370.4960: FileVersion: 10.0.19041.1706 (WinBuild.160101.0800)
39370.4960: FileDescription: Windows NT BASE API Client DLL
40370.4960: \SystemRoot\System32\KernelBase.dll:
41370.4960: CreationTime: 2022-05-13T09:37:25.904947200Z
42370.4960: LastWriteTime: 2022-05-13T09:37:25.981546200Z
43370.4960: ChangeTime: 2022-05-13T21:27:08.226771300Z
44370.4960: FileAttributes: 0x20
45370.4960: Size: 0x2cf640
46370.4960: NT Headers: 0xf0
47370.4960: Timestamp: 0x458acb5b
48370.4960: Machine: 0x8664 - amd64
49370.4960: Timestamp: 0x458acb5b
50370.4960: Image Version: 10.0
51370.4960: SizeOfImage: 0x2cd000 (2936832)
52370.4960: Resource Dir: 0x2a4000 LB 0x548
53370.4960: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54370.4960: [Raw version resource data: 0x2a40b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
55370.4960: ProductName: Microsoft® Windows® Operating System
56370.4960: ProductVersion: 10.0.19041.1706
57370.4960: FileVersion: 10.0.19041.1706 (WinBuild.160101.0800)
58370.4960: FileDescription: Windows NT BASE API Client DLL
59370.4960: \SystemRoot\System32\apisetschema.dll:
60370.4960: CreationTime: 2019-12-07T09:08:13.518339400Z
61370.4960: LastWriteTime: 2019-12-07T09:08:13.518339400Z
62370.4960: ChangeTime: 2022-05-13T09:38:12.902031600Z
63370.4960: FileAttributes: 0x20
64370.4960: Size: 0x1f538
65370.4960: NT Headers: 0xd0
66370.4960: Timestamp: 0x31288ce0
67370.4960: Machine: 0x8664 - amd64
68370.4960: Timestamp: 0x31288ce0
69370.4960: Image Version: 10.0
70370.4960: SizeOfImage: 0x20000 (131072)
71370.4960: Resource Dir: 0x1f000 LB 0x408
72370.4960: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73370.4960: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
74370.4960: ProductName: Microsoft® Windows® Operating System
75370.4960: ProductVersion: 10.0.19041.1
76370.4960: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
77370.4960: FileDescription: ApiSet Schema DLL
78370.4960: NtOpenDirectoryObject failed on \Driver: 0xc0000022
79370.4960: supR3HardenedWinFindAdversaries: 0x800
80370.4960: \SystemRoot\System32\drivers\cfrmd.sys:
81370.4960: CreationTime: 2014-06-26T05:33:42.000000000Z
82370.4960: LastWriteTime: 2014-06-26T05:33:42.000000000Z
83370.4960: ChangeTime: 2020-10-11T11:10:28.369648400Z
84370.4960: FileAttributes: 0x20
85370.4960: Size: 0x9d20
86370.4960: NT Headers: 0xe8
87370.4960: Timestamp: 0x5004f2a1
88370.4960: Machine: 0x8664 - amd64
89370.4960: Timestamp: 0x5004f2a1
90370.4960: Image Version: 6.1
91370.4960: SizeOfImage: 0xe000 (57344)
92370.4960: Resource Dir: 0xc000 LB 0x3e0
93370.4960: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
94370.4960: [Raw version resource data: 0xc060 LB 0x380, codepage 0x0 (reserved 0x0)]
95370.4960: ProductName: Windows (R) Win 7 DDK driver
96370.4960: ProductVersion: 6.1.7600.16385
97370.4960: FileVersion: 6.1.7600.16385 built by: WinDDK
98370.4960: FileDescription: Safe Deletion Driver
99370.4960: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
100370.4960: Calling main()
101370.4960: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
102370.4960: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
103370.4960: SUPR3HardenedMain: Respawn #1
104370.4960: System32: \Device\HarddiskVolume4\Windows\System32
105370.4960: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
106370.4960: KnownDllPath: C:\WINDOWS\System32
107370.4960: supR3HardenedWinInit: Performing a limited self purification...
108370.4960: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
109370.4960: *0000000000000000-0000000000c2ffff 0x0001/0x0000 0x0000000
110370.4960: *0000000000c30000-0000000000c3ffff 0x0004/0x0004 0x0040000
111370.4960: 0000000000c40000-0000000000c4ffff 0x0001/0x0000 0x0000000
112370.4960: *0000000000c50000-0000000000c6cfff 0x0002/0x0002 0x0040000
113370.4960: 0000000000c6d000-0000000000c6ffff 0x0001/0x0000 0x0000000
114370.4960: *0000000000c70000-0000000000d20fff 0x0000/0x0004 0x0020000
115370.4960: 0000000000d21000-0000000000d23fff 0x0104/0x0004 0x0020000
116370.4960: 0000000000d24000-0000000000d6ffff 0x0004/0x0004 0x0020000
117370.4960: *0000000000d70000-0000000000d73fff 0x0002/0x0002 0x0040000
118370.4960: 0000000000d74000-0000000000d7ffff 0x0001/0x0000 0x0000000
119370.4960: *0000000000d80000-0000000000d81fff 0x0004/0x0004 0x0020000
120370.4960: 0000000000d82000-0000000000d8ffff 0x0001/0x0000 0x0000000
121370.4960: *0000000000d90000-0000000000d91fff 0x0004/0x0004 0x0020000
122370.4960: 0000000000d92000-0000000000da9fff 0x0000/0x0004 0x0020000
123370.4960: 0000000000daa000-0000000000dcffff 0x0001/0x0000 0x0000000
124370.4960: *0000000000dd0000-0000000000ddefff 0x0004/0x0004 0x0020000
125370.4960: 0000000000ddf000-0000000000ddffff 0x0000/0x0004 0x0020000
126370.4960: 0000000000de0000-0000000000dfffff 0x0001/0x0000 0x0000000
127370.4960: *0000000000e00000-0000000000e5efff 0x0000/0x0004 0x0020000
128370.4960: 0000000000e5f000-0000000000e61fff 0x0004/0x0004 0x0020000
129370.4960: 0000000000e62000-0000000000ffffff 0x0000/0x0004 0x0020000
130370.4960: *0000000001000000-00000000010c8fff 0x0002/0x0002 0x0040000
131370.4960: 00000000010c9000-00000000010cffff 0x0001/0x0000 0x0000000
132370.4960: *00000000010d0000-00000000010f6fff 0x0004/0x0004 0x0020000
133370.4960: 00000000010f7000-00000000011cffff 0x0000/0x0004 0x0020000
134370.4960: 00000000011d0000-00000000011effff 0x0001/0x0000 0x0000000
135370.4960: *00000000011f0000-00000000011f5fff 0x0004/0x0004 0x0020000
136370.4960: 00000000011f6000-00000000012effff 0x0000/0x0004 0x0020000
137370.4960: *00000000012f0000-00000000012f3fff 0x0000/0x0004 0x0020000
138370.4960: 00000000012f4000-00000000014e9fff 0x0004/0x0004 0x0020000
139370.4960: 00000000014ea000-00000000014eafff 0x0000/0x0004 0x0020000
140370.4960: 00000000014eb000-000000007ffdffff 0x0001/0x0000 0x0000000
141370.4960: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
142370.4960: 000000007ffe1000-000000007ffe2fff 0x0001/0x0000 0x0000000
143370.4960: *000000007ffe3000-000000007ffe3fff 0x0002/0x0002 0x0020000
144370.4960: 000000007ffe4000-00007ff489b5ffff 0x0001/0x0000 0x0000000
145370.4960: *00007ff489b60000-00007ff489b64fff 0x0002/0x0002 0x0040000
146370.4960: 00007ff489b65000-00007ff489c5ffff 0x0000/0x0002 0x0040000
147370.4960: *00007ff489c60000-00007ff589c7ffff 0x0000/0x0004 0x0020000
148370.4960: *00007ff589c80000-00007ff58bc7ffff 0x0000/0x0004 0x0020000
149370.4960: 00007ff58bc80000-00007ff58bc80fff 0x0004/0x0004 0x0020000
150370.4960: 00007ff58bc81000-00007ff58bc8ffff 0x0001/0x0000 0x0000000
151370.4960: *00007ff58bc90000-00007ff58bc90fff 0x0002/0x0002 0x0040000
152370.4960: 00007ff58bc91000-00007ff58bc9ffff 0x0001/0x0000 0x0000000
153370.4960: *00007ff58bca0000-00007ff58bcc2fff 0x0002/0x0002 0x0040000
154370.4960: 00007ff58bcc3000-00007ff6d6b2ffff 0x0001/0x0000 0x0000000
155370.4960: *00007ff6d6b30000-00007ff6d6b30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
156370.4960: 00007ff6d6b31000-00007ff6d6ba7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
157370.4960: 00007ff6d6ba8000-00007ff6d6ba8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
158370.4960: 00007ff6d6ba9000-00007ff6d6bf1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
159370.4960: 00007ff6d6bf2000-00007ff6d6bf4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
160370.4960: 00007ff6d6bf5000-00007ff6d6bf7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
161370.4960: 00007ff6d6bf8000-00007ff6d6bfafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
162370.4960: 00007ff6d6bfb000-00007ff6d6bfbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
163370.4960: 00007ff6d6bfc000-00007ff6d6bfdfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
164370.4960: 00007ff6d6bfe000-00007ff6d6bfefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
165370.4960: 00007ff6d6bff000-00007ff6d6c47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
166370.4960: 00007ff6d6c48000-00007ffbe210ffff 0x0001/0x0000 0x0000000
167370.4960: *00007ffbe2110000-00007ffbe2110fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
168370.4960: 00007ffbe2111000-00007ffbe2225fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
169370.4960: 00007ffbe2226000-00007ffbe239efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
170370.4960: 00007ffbe239f000-00007ffbe23a2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
171370.4960: 00007ffbe23a3000-00007ffbe23a3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
172370.4960: 00007ffbe23a4000-00007ffbe23dcfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
173370.4960: 00007ffbe23dd000-00007ffbe3f1ffff 0x0001/0x0000 0x0000000
174370.4960: *00007ffbe3f20000-00007ffbe3f20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
175370.4960: 00007ffbe3f21000-00007ffbe3f9efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
176370.4960: 00007ffbe3f9f000-00007ffbe3fd1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
177370.4960: 00007ffbe3fd2000-00007ffbe3fd2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
178370.4960: 00007ffbe3fd3000-00007ffbe3fd3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
179370.4960: 00007ffbe3fd4000-00007ffbe3fdcfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\kernel32.dll
180370.4960: 00007ffbe3fdd000-00007ffbe452ffff 0x0001/0x0000 0x0000000
181370.4960: *00007ffbe4530000-00007ffbe4530fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
182370.4960: 00007ffbe4531000-00007ffbe464bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
183370.4960: 00007ffbe464c000-00007ffbe4693fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
184370.4960: 00007ffbe4694000-00007ffbe4694fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
185370.4960: 00007ffbe4695000-00007ffbe4696fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
186370.4960: 00007ffbe4697000-00007ffbe469ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
187370.4960: 00007ffbe46a0000-00007ffbe4724fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
188370.4960: 00007ffbe4725000-00007ffffffeffff 0x0001/0x0000 0x0000000
189370.4960: kernel32.dll: timestamp 0x4e5c27cf (rc=VINF_SUCCESS)
190370.4960: kernelbase.dll: timestamp 0x458acb5b (rc=VINF_SUCCESS)
191370.4960: VirtualBoxVM.exe: timestamp 0x623a5dfe (rc=VINF_SUCCESS)
192370.4960: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
193370.4960: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
194370.4960: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
195370.4960: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
196370.4960: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
197370.4960: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
198370.4960: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
199370.4960: supR3HardNtEnableThreadCreationEx:
200370.4960: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbe45a4b00 pvNtTerminateThread=00007ffbe45cd790
201370.4960: supR3HardenedWinDoReSpawn(1): New child 4200.2520 [kernel32].
202370.4960: supR3HardNtChildGatherData: PebBaseAddress=0000000000e7f000 cbPeb=0x388
203370.4960: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffbe4530000 uNtDllChildAddr=00007ffbe4530000
204370.4960: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffbe45a4b00
205370.4960: supR3HardenedWinSetupChildInit: Initial context:
206 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6d6b37900 rdx=0000000000e7f000
207 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
208 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
209 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
210 rip=00007ffbe4582630 rsp=000000000113f908 rbp=0000000000000000 ctxflags=0010001b
211 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
212 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
213 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
214 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
215 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
216370.4960: supR3HardenedWinSetupChildInit: Start child.
217370.4960: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
218370.4960: supR3HardNtChildPurify: Startup delay kludge #1/0: 520 ms, 34 sleeps
219370.4960: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
220370.4960: *0000000000000000-0000000000deffff 0x0001/0x0000 0x0000000
221370.4960: *0000000000df0000-0000000000df3fff 0x0002/0x0002 0x0040000
222370.4960: 0000000000df4000-0000000000dfffff 0x0001/0x0000 0x0000000
223370.4960: *0000000000e00000-0000000000e7efff 0x0000/0x0004 0x0020000
224370.4960: 0000000000e7f000-0000000000e81fff 0x0004/0x0004 0x0020000
225370.4960: 0000000000e82000-0000000000ffffff 0x0000/0x0004 0x0020000
226370.4960: *0000000001000000-000000000101ffff 0x0004/0x0004 0x0020000
227370.4960: *0000000001020000-000000000103cfff 0x0002/0x0002 0x0040000
228370.4960: 000000000103d000-000000000103ffff 0x0001/0x0000 0x0000000
229370.4960: *0000000001040000-000000000113afff 0x0000/0x0004 0x0020000
230370.4960: 000000000113b000-000000000113dfff 0x0104/0x0004 0x0020000
231370.4960: 000000000113e000-000000000113ffff 0x0004/0x0004 0x0020000
232370.4960: *0000000001140000-0000000001141fff 0x0004/0x0004 0x0020000
233370.4960: 0000000001142000-000000007ffdffff 0x0001/0x0000 0x0000000
234370.4960: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
235370.4960: 000000007ffe1000-000000007ffe2fff 0x0001/0x0000 0x0000000
236370.4960: *000000007ffe3000-000000007ffe3fff 0x0002/0x0002 0x0020000
237370.4960: 000000007ffe4000-00007ff59183ffff 0x0001/0x0000 0x0000000
238370.4960: *00007ff591840000-00007ff591840fff 0x0002/0x0002 0x0040000
239370.4960: 00007ff591841000-00007ff59184ffff 0x0001/0x0000 0x0000000
240370.4960: *00007ff591850000-00007ff591872fff 0x0002/0x0002 0x0040000
241370.4960: 00007ff591873000-00007ff6d6b2ffff 0x0001/0x0000 0x0000000
242370.4960: *00007ff6d6b30000-00007ff6d6b30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
243370.4960: 00007ff6d6b31000-00007ff6d6ba7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
244370.4960: 00007ff6d6ba8000-00007ff6d6ba8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
245370.4960: 00007ff6d6ba9000-00007ff6d6bf1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
246370.4960: 00007ff6d6bf2000-00007ff6d6bf2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
247370.4960: 00007ff6d6bf3000-00007ff6d6bf3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
248370.4960: 00007ff6d6bf4000-00007ff6d6bf8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
249370.4960: 00007ff6d6bf9000-00007ff6d6bf9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
250370.4960: 00007ff6d6bfa000-00007ff6d6bfafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
251370.4960: 00007ff6d6bfb000-00007ff6d6bfefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
252370.4960: 00007ff6d6bff000-00007ff6d6c47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
253370.4960: 00007ff6d6c48000-00007ffbe452ffff 0x0001/0x0000 0x0000000
254370.4960: *00007ffbe4530000-00007ffbe4530fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
255370.4960: 00007ffbe4531000-00007ffbe464bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
256370.4960: 00007ffbe464c000-00007ffbe4693fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
257370.4960: 00007ffbe4694000-00007ffbe469ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
258370.4960: 00007ffbe46a0000-00007ffbe46aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
259370.4960: 00007ffbe46af000-00007ffbe46affff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
260370.4960: 00007ffbe46b0000-00007ffbe46b2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
261370.4960: 00007ffbe46b3000-00007ffbe4724fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
262370.4960: 00007ffbe4725000-00007ffffffeffff 0x0001/0x0000 0x0000000
263370.4960: supR3HardNtChildPurify: Done after 523 ms and 0 fixes (loop #0).
2644200.2520: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6300
2654200.2520: supR3HardenedVmProcessInit: uNtDllAddr=00007ffbe4530000 g_uNtVerCombined=0xa04a6300 (stack ~000000000113f398)
2664200.2520: ntdll.dll: timestamp 0x7b5414ec (rc=VINF_SUCCESS)
2674200.2520: New simple heap: #1 0000000001250000 LB 0x400000 (for 2052096 allocation)
268370.4960: supR3HardNtEnableThreadCreationEx:
2694200.2520: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
2704200.2520: System32: \Device\HarddiskVolume4\Windows\System32
2714200.2520: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
2724200.2520: KnownDllPath: C:\WINDOWS\System32
2734200.2520: supR3HardenedVmProcessInit: Opening vboxdrv stub...
2744200.2520: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
2754200.2520: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
2764200.2520: Registered Dll notification callback with NTDLL.
2774200.2520: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
2784200.2520: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2794200.2520: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
2804200.2520: supR3HardenedDllNotificationCallback: load 00007ffbe2110000 LB 0x002cd000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
2814200.2520: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
2824200.2520: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
2834200.2520: supR3HardenedDllNotificationCallback: load 00007ffbe3f20000 LB 0x000bd000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
2844200.2520: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
2854200.2520: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe3f20000 'C:\WINDOWS\System32\KERNEL32.DLL'
2864200.2520: supR3HardenedDllNotificationCallback: load 00007ff6d6b30000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
2874200.2520: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
2884200.2520: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
2894200.2520: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
2904200.2520: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2914200.2520: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbe45a4b00 pvNtTerminateThread=00007ffbe45cd790
292370.4960: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 107 ms.
2934200.2520: \SystemRoot\System32\ntdll.dll:
2944200.2520: CreationTime: 2022-05-13T09:37:24.962297600Z
2954200.2520: LastWriteTime: 2022-05-13T09:37:25.011955800Z
2964200.2520: ChangeTime: 2022-05-13T21:27:08.242392000Z
2974200.2520: FileAttributes: 0x20
2984200.2520: Size: 0x1eeb38
2994200.2520: NT Headers: 0xe8
3004200.2520: Timestamp: 0x7b5414ec
3014200.2520: Machine: 0x8664 - amd64
3024200.2520: Timestamp: 0x7b5414ec
3034200.2520: Image Version: 10.0
3044200.2520: SizeOfImage: 0x1f5000 (2052096)
3054200.2520: Resource Dir: 0x184000 LB 0x6fff8
3064200.2520: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
3074200.2520: [Raw version resource data: 0x1840f0 LB 0x380, codepage 0x0 (reserved 0x0)]
3084200.2520: ProductName: Microsoft® Windows® Operating System
3094200.2520: ProductVersion: 10.0.19041.1682
3104200.2520: FileVersion: 10.0.19041.1682 (WinBuild.160101.0800)
3114200.2520: FileDescription: NT Layer DLL
3124200.2520: \SystemRoot\System32\kernel32.dll:
3134200.2520: CreationTime: 2022-05-13T09:37:16.157371700Z
3144200.2520: LastWriteTime: 2022-05-13T09:37:16.176080300Z
3154200.2520: ChangeTime: 2022-05-13T21:27:08.008042100Z
3164200.2520: FileAttributes: 0x20
3174200.2520: Size: 0xbb058
3184200.2520: NT Headers: 0xe8
3194200.2520: Timestamp: 0x4e5c27cf
3204200.2520: Machine: 0x8664 - amd64
3214200.2520: Timestamp: 0x4e5c27cf
3224200.2520: Image Version: 10.0
3234200.2520: SizeOfImage: 0xbd000 (774144)
3244200.2520: Resource Dir: 0xbb000 LB 0x520
3254200.2520: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3264200.2520: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3274200.2520: ProductName: Microsoft® Windows® Operating System
3284200.2520: ProductVersion: 10.0.19041.1706
3294200.2520: FileVersion: 10.0.19041.1706 (WinBuild.160101.0800)
3304200.2520: FileDescription: Windows NT BASE API Client DLL
3314200.2520: \SystemRoot\System32\KernelBase.dll:
3324200.2520: CreationTime: 2022-05-13T09:37:25.904947200Z
3334200.2520: LastWriteTime: 2022-05-13T09:37:25.981546200Z
3344200.2520: ChangeTime: 2022-05-13T21:27:08.226771300Z
3354200.2520: FileAttributes: 0x20
3364200.2520: Size: 0x2cf640
3374200.2520: NT Headers: 0xf0
3384200.2520: Timestamp: 0x458acb5b
3394200.2520: Machine: 0x8664 - amd64
3404200.2520: Timestamp: 0x458acb5b
3414200.2520: Image Version: 10.0
3424200.2520: SizeOfImage: 0x2cd000 (2936832)
3434200.2520: Resource Dir: 0x2a4000 LB 0x548
3444200.2520: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3454200.2520: [Raw version resource data: 0x2a40b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
3464200.2520: ProductName: Microsoft® Windows® Operating System
3474200.2520: ProductVersion: 10.0.19041.1706
3484200.2520: FileVersion: 10.0.19041.1706 (WinBuild.160101.0800)
3494200.2520: FileDescription: Windows NT BASE API Client DLL
3504200.2520: \SystemRoot\System32\apisetschema.dll:
3514200.2520: CreationTime: 2019-12-07T09:08:13.518339400Z
3524200.2520: LastWriteTime: 2019-12-07T09:08:13.518339400Z
3534200.2520: ChangeTime: 2022-05-13T09:38:12.902031600Z
3544200.2520: FileAttributes: 0x20
3554200.2520: Size: 0x1f538
3564200.2520: NT Headers: 0xd0
3574200.2520: Timestamp: 0x31288ce0
3584200.2520: Machine: 0x8664 - amd64
3594200.2520: Timestamp: 0x31288ce0
3604200.2520: Image Version: 10.0
3614200.2520: SizeOfImage: 0x20000 (131072)
3624200.2520: Resource Dir: 0x1f000 LB 0x408
3634200.2520: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
3644200.2520: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
3654200.2520: ProductName: Microsoft® Windows® Operating System
3664200.2520: ProductVersion: 10.0.19041.1
3674200.2520: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
3684200.2520: FileDescription: ApiSet Schema DLL
3694200.2520: NtOpenDirectoryObject failed on \Driver: 0xc0000022
3704200.2520: supR3HardenedWinFindAdversaries: 0x800
3714200.2520: \SystemRoot\System32\drivers\cfrmd.sys:
3724200.2520: CreationTime: 2014-06-26T05:33:42.000000000Z
3734200.2520: LastWriteTime: 2014-06-26T05:33:42.000000000Z
3744200.2520: ChangeTime: 2020-10-11T11:10:28.369648400Z
3754200.2520: FileAttributes: 0x20
3764200.2520: Size: 0x9d20
3774200.2520: NT Headers: 0xe8
3784200.2520: Timestamp: 0x5004f2a1
3794200.2520: Machine: 0x8664 - amd64
3804200.2520: Timestamp: 0x5004f2a1
3814200.2520: Image Version: 6.1
3824200.2520: SizeOfImage: 0xe000 (57344)
3834200.2520: Resource Dir: 0xc000 LB 0x3e0
3844200.2520: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
3854200.2520: [Raw version resource data: 0xc060 LB 0x380, codepage 0x0 (reserved 0x0)]
3864200.2520: ProductName: Windows (R) Win 7 DDK driver
3874200.2520: ProductVersion: 6.1.7600.16385
3884200.2520: FileVersion: 6.1.7600.16385 built by: WinDDK
3894200.2520: FileDescription: Safe Deletion Driver
3904200.2520: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
3914200.2520: Calling main()
3924200.2520: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
3934200.2520: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
3944200.2520: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
3954200.2520: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
3964200.2520: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
3974200.2520: SUPR3HardenedMain: Respawn #2
3984200.2520: supR3HardNtEnableThreadCreationEx:
3994200.2520: supR3HardenedDllNotificationCallback: load 00007ffbe3970000 LB 0x00125000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
4004200.2520: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
4014200.2520: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
4024200.2520: supR3HardenedDllNotificationCallback: load 00007ffbe2c30000 LB 0x0009c000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
4034200.2520: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
4044200.2520: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
4054200.2520: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
4064200.2520: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
4074200.2520: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntdll.dll)
4084200.2520: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4094200.2520: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
4104200.2520: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
4114200.2520: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
4124200.2520: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
4134200.2520: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe4530000 'C:\WINDOWS\System32\ntdll.dll'
4144200.2520: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbe45a4b00 pvNtTerminateThread=00007ffbe45cd790
4154200.2520: supR3HardenedWinDoReSpawn(2): New child 5150.2258 [kernel32].
4164200.2520: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
4174200.2520: supR3HardNtChildGatherData: PebBaseAddress=000000000031d000 cbPeb=0x388
4184200.2520: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffbe4530000 uNtDllChildAddr=00007ffbe4530000
4194200.2520: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffbe45a4b00
4204200.2520: supR3HardenedWinSetupChildInit: Initial context:
421 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6d6b37900 rdx=000000000031d000
422 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
423 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
424 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
425 rip=00007ffbe4582630 rsp=00000000004ffb78 rbp=0000000000000000 ctxflags=0010001b
426 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
427 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
428 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
429 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
430 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
4314200.2520: kernel32.dll: timestamp 0x4e5c27cf (rc=VINF_SUCCESS)
4324200.2520: supR3HardenedWinSetupChildInit: Start child.
4334200.2520: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
4344200.2520: supR3HardNtChildPurify: Startup delay kludge #1/0: 525 ms, 34 sleeps
4354200.2520: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
4364200.2520: *0000000000000000-000000000016ffff 0x0001/0x0000 0x0000000
4374200.2520: *0000000000170000-000000000018ffff 0x0004/0x0004 0x0020000
4384200.2520: *0000000000190000-00000000001acfff 0x0002/0x0002 0x0040000
4394200.2520: 00000000001ad000-00000000001affff 0x0001/0x0000 0x0000000
4404200.2520: *00000000001b0000-00000000001b3fff 0x0002/0x0002 0x0040000
4414200.2520: 00000000001b4000-00000000001bffff 0x0001/0x0000 0x0000000
4424200.2520: *00000000001c0000-00000000001c1fff 0x0004/0x0004 0x0020000
4434200.2520: 00000000001c2000-00000000001fffff 0x0001/0x0000 0x0000000
4444200.2520: *0000000000200000-000000000031cfff 0x0000/0x0004 0x0020000
4454200.2520: 000000000031d000-000000000031ffff 0x0004/0x0004 0x0020000
4464200.2520: 0000000000320000-00000000003fffff 0x0000/0x0004 0x0020000
4474200.2520: *0000000000400000-00000000004fafff 0x0000/0x0004 0x0020000
4484200.2520: 00000000004fb000-00000000004fdfff 0x0104/0x0004 0x0020000
4494200.2520: 00000000004fe000-00000000004fffff 0x0004/0x0004 0x0020000
4504200.2520: 0000000000500000-000000007ffdffff 0x0001/0x0000 0x0000000
4514200.2520: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
4524200.2520: 000000007ffe1000-000000007ffe2fff 0x0001/0x0000 0x0000000
4534200.2520: *000000007ffe3000-000000007ffe3fff 0x0002/0x0002 0x0020000
4544200.2520: 000000007ffe4000-00007ff5f058ffff 0x0001/0x0000 0x0000000
4554200.2520: *00007ff5f0590000-00007ff5f0590fff 0x0002/0x0002 0x0040000
4564200.2520: 00007ff5f0591000-00007ff5f059ffff 0x0001/0x0000 0x0000000
4574200.2520: *00007ff5f05a0000-00007ff5f05c2fff 0x0002/0x0002 0x0040000
4584200.2520: 00007ff5f05c3000-00007ff6d6b2ffff 0x0001/0x0000 0x0000000
4594200.2520: *00007ff6d6b30000-00007ff6d6b30fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4604200.2520: 00007ff6d6b31000-00007ff6d6ba7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4614200.2520: 00007ff6d6ba8000-00007ff6d6ba8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4624200.2520: 00007ff6d6ba9000-00007ff6d6bf1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4634200.2520: 00007ff6d6bf2000-00007ff6d6bf2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4644200.2520: 00007ff6d6bf3000-00007ff6d6bf3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4654200.2520: 00007ff6d6bf4000-00007ff6d6bf8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4664200.2520: 00007ff6d6bf9000-00007ff6d6bf9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4674200.2520: 00007ff6d6bfa000-00007ff6d6bfafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4684200.2520: 00007ff6d6bfb000-00007ff6d6bfefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4694200.2520: 00007ff6d6bff000-00007ff6d6c47fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
4704200.2520: 00007ff6d6c48000-00007ffbe452ffff 0x0001/0x0000 0x0000000
4714200.2520: *00007ffbe4530000-00007ffbe4530fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4724200.2520: 00007ffbe4531000-00007ffbe464bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4734200.2520: 00007ffbe464c000-00007ffbe4693fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4744200.2520: 00007ffbe4694000-00007ffbe469ffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4754200.2520: 00007ffbe46a0000-00007ffbe46aefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4764200.2520: 00007ffbe46af000-00007ffbe46affff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4774200.2520: 00007ffbe46b0000-00007ffbe46b2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4784200.2520: 00007ffbe46b3000-00007ffbe4724fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
4794200.2520: 00007ffbe4725000-00007ffffffeffff 0x0001/0x0000 0x0000000
4804200.2520: VirtualBoxVM.exe: timestamp 0x623a5dfe (rc=VINF_SUCCESS)
4814200.2520: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
4824200.2520: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
4834200.2520: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
4844200.2520: supR3HardNtChildPurify: Done after 570 ms and 0 fixes (loop #0).
4855150.2258: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6300
4865150.2258: supR3HardenedVmProcessInit: uNtDllAddr=00007ffbe4530000 g_uNtVerCombined=0xa04a6300 (stack ~00000000004ff608)
4874200.2520: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001250000 LB 0x400000)
4885150.2258: ntdll.dll: timestamp 0x7b5414ec (rc=VINF_SUCCESS)
4895150.2258: New simple heap: #1 0000000000600000 LB 0x400000 (for 2052096 allocation)
4904200.2520: supR3HardNtEnableThreadCreationEx:
4915150.2258: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
4925150.2258: System32: \Device\HarddiskVolume4\Windows\System32
4935150.2258: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
4945150.2258: KnownDllPath: C:\WINDOWS\System32
4955150.2258: supR3HardenedVmProcessInit: Opening vboxdrv...
4965150.2258: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
4975150.2258: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
4985150.2258: Registered Dll notification callback with NTDLL.
4995150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
5005150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
5015150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
5025150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe2110000 LB 0x002cd000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
5035150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
5045150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
5055150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe3f20000 LB 0x000bd000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
5065150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5075150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe3f20000 'C:\WINDOWS\System32\KERNEL32.DLL'
5085150.2258: supR3HardenedDllNotificationCallback: load 00007ff6d6b30000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
5095150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
5105150.2258: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
5115150.2258: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
5125150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5135150.2258: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffbe45a4b00 pvNtTerminateThread=00007ffbe45cd790
5144200.2520: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 127 ms.
5155150.2258: \SystemRoot\System32\ntdll.dll:
5165150.2258: CreationTime: 2022-05-13T09:37:24.962297600Z
5175150.2258: LastWriteTime: 2022-05-13T09:37:25.011955800Z
5185150.2258: ChangeTime: 2022-05-13T21:27:08.242392000Z
5195150.2258: FileAttributes: 0x20
5205150.2258: Size: 0x1eeb38
5215150.2258: NT Headers: 0xe8
5225150.2258: Timestamp: 0x7b5414ec
5235150.2258: Machine: 0x8664 - amd64
5245150.2258: Timestamp: 0x7b5414ec
5255150.2258: Image Version: 10.0
5265150.2258: SizeOfImage: 0x1f5000 (2052096)
5275150.2258: Resource Dir: 0x184000 LB 0x6fff8
5285150.2258: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
5295150.2258: [Raw version resource data: 0x1840f0 LB 0x380, codepage 0x0 (reserved 0x0)]
5305150.2258: ProductName: Microsoft® Windows® Operating System
5315150.2258: ProductVersion: 10.0.19041.1682
5325150.2258: FileVersion: 10.0.19041.1682 (WinBuild.160101.0800)
5335150.2258: FileDescription: NT Layer DLL
5345150.2258: \SystemRoot\System32\kernel32.dll:
5355150.2258: CreationTime: 2022-05-13T09:37:16.157371700Z
5365150.2258: LastWriteTime: 2022-05-13T09:37:16.176080300Z
5375150.2258: ChangeTime: 2022-05-13T21:27:08.008042100Z
5385150.2258: FileAttributes: 0x20
5395150.2258: Size: 0xbb058
5405150.2258: NT Headers: 0xe8
5415150.2258: Timestamp: 0x4e5c27cf
5425150.2258: Machine: 0x8664 - amd64
5435150.2258: Timestamp: 0x4e5c27cf
5445150.2258: Image Version: 10.0
5455150.2258: SizeOfImage: 0xbd000 (774144)
5465150.2258: Resource Dir: 0xbb000 LB 0x520
5475150.2258: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5485150.2258: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
5495150.2258: ProductName: Microsoft® Windows® Operating System
5505150.2258: ProductVersion: 10.0.19041.1706
5515150.2258: FileVersion: 10.0.19041.1706 (WinBuild.160101.0800)
5525150.2258: FileDescription: Windows NT BASE API Client DLL
5535150.2258: \SystemRoot\System32\KernelBase.dll:
5545150.2258: CreationTime: 2022-05-13T09:37:25.904947200Z
5555150.2258: LastWriteTime: 2022-05-13T09:37:25.981546200Z
5565150.2258: ChangeTime: 2022-05-13T21:27:08.226771300Z
5575150.2258: FileAttributes: 0x20
5585150.2258: Size: 0x2cf640
5595150.2258: NT Headers: 0xf0
5605150.2258: Timestamp: 0x458acb5b
5615150.2258: Machine: 0x8664 - amd64
5625150.2258: Timestamp: 0x458acb5b
5635150.2258: Image Version: 10.0
5645150.2258: SizeOfImage: 0x2cd000 (2936832)
5655150.2258: Resource Dir: 0x2a4000 LB 0x548
5665150.2258: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5675150.2258: [Raw version resource data: 0x2a40b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5685150.2258: ProductName: Microsoft® Windows® Operating System
5695150.2258: ProductVersion: 10.0.19041.1706
5705150.2258: FileVersion: 10.0.19041.1706 (WinBuild.160101.0800)
5715150.2258: FileDescription: Windows NT BASE API Client DLL
5725150.2258: \SystemRoot\System32\apisetschema.dll:
5735150.2258: CreationTime: 2019-12-07T09:08:13.518339400Z
5745150.2258: LastWriteTime: 2019-12-07T09:08:13.518339400Z
5755150.2258: ChangeTime: 2022-05-13T09:38:12.902031600Z
5765150.2258: FileAttributes: 0x20
5775150.2258: Size: 0x1f538
5785150.2258: NT Headers: 0xd0
5795150.2258: Timestamp: 0x31288ce0
5805150.2258: Machine: 0x8664 - amd64
5815150.2258: Timestamp: 0x31288ce0
5825150.2258: Image Version: 10.0
5835150.2258: SizeOfImage: 0x20000 (131072)
5845150.2258: Resource Dir: 0x1f000 LB 0x408
5855150.2258: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
5865150.2258: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
5875150.2258: ProductName: Microsoft® Windows® Operating System
5885150.2258: ProductVersion: 10.0.19041.1
5895150.2258: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
5905150.2258: FileDescription: ApiSet Schema DLL
5915150.2258: NtOpenDirectoryObject failed on \Driver: 0xc0000022
5925150.2258: supR3HardenedWinFindAdversaries: 0x800
5935150.2258: \SystemRoot\System32\drivers\cfrmd.sys:
5945150.2258: CreationTime: 2014-06-26T05:33:42.000000000Z
5955150.2258: LastWriteTime: 2014-06-26T05:33:42.000000000Z
5965150.2258: ChangeTime: 2020-10-11T11:10:28.369648400Z
5975150.2258: FileAttributes: 0x20
5985150.2258: Size: 0x9d20
5995150.2258: NT Headers: 0xe8
6005150.2258: Timestamp: 0x5004f2a1
6015150.2258: Machine: 0x8664 - amd64
6025150.2258: Timestamp: 0x5004f2a1
6035150.2258: Image Version: 6.1
6045150.2258: SizeOfImage: 0xe000 (57344)
6055150.2258: Resource Dir: 0xc000 LB 0x3e0
6065150.2258: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
6075150.2258: [Raw version resource data: 0xc060 LB 0x380, codepage 0x0 (reserved 0x0)]
6085150.2258: ProductName: Windows (R) Win 7 DDK driver
6095150.2258: ProductVersion: 6.1.7600.16385
6105150.2258: FileVersion: 6.1.7600.16385 built by: WinDDK
6115150.2258: FileDescription: Safe Deletion Driver
6125150.2258: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
6135150.2258: Calling main()
6145150.2258: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
6155150.2258: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
6165150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
6175150.2258: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
6185150.2258: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
6195150.2258: SUPR3HardenedMain: Final process, opening VBoxDrv...
6205150.2258: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000600000 LB 0x400000)
6215150.2258: supR3HardNtEnableThreadCreationEx:
6225150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll: Signature #1/2: info status: 24202
6235150.2258: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
6245150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
6255150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6265150.2258: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
6275150.2258: supR3HardenedDllNotificationCallback: load 00007ffbdd620000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
6285150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
6295150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
6305150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6315150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdd620000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
6325150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
6335150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6345150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdd620000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
6355150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdd620000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
6365150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6375150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
6385150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
6395150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
6405150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6415150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6425150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
6435150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
6445150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6455150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6465150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
6475150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
6485150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6495150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe26a0000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
6505150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6515150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe3970000 LB 0x00125000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
6525150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6535150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe2510000 LB 0x00068000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
6545150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6555150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe1c70000 LB 0x00100000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
6565150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll)
6575150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ucrtbase.dll
6585150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe1d70000 LB 0x00156000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
6595150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
6605150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
6615150.2258: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
6625150.2258: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6635150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe2110000 'api-ms-win-core-synch-l1-2-0'
6645150.2258: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
6655150.2258: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6665150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe2110000 'api-ms-win-core-fibers-l1-1-1'
6675150.2258: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
6685150.2258: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6695150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe2110000 'api-ms-win-core-fibers-l1-1-1'
6705150.2258: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
6715150.2258: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6725150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe2110000 'api-ms-win-core-synch-l1-2-0'
6735150.2258: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
6745150.2258: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6755150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe2110000 'api-ms-win-core-localization-l1-2-1'
6765150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
6775150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
6785150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe1830000 LB 0x00012000 C:\WINDOWS\SYSTEM32\MSASN1.dll [fFlags=0x0]
6795150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
6805150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe2510000 'C:\WINDOWS\system32\Wintrust.dll'
6815150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
6825150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
6835150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6845150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe1c40000 LB 0x00027000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
6855150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
6865150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1c40000 'C:\WINDOWS\system32\bcrypt.dll'
6875150.2258: bcrypt.dll loaded at 00007ffbe1c40000, BCryptOpenAlgorithmProvider at 00007ffbe1c451e0, preloading providers:
6885150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
6895150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
6905150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6915150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe23e0000 LB 0x00082000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
6925150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
6935150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe23e0000 'C:\WINDOWS\system32\bcryptprimitives.dll'
6945150.2258: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000b317e0)
6955150.2258: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000b31e60)
6965150.2258: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000b32180)
6975150.2258: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000b334b0)
6985150.2258: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000b337d0)
6995150.2258: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000b33af0)
7005150.2258: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000b33e10)
7015150.2258: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000b34130)
7025150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
7035150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
7045150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe15f0000 LB 0x00018000 C:\WINDOWS\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
7055150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
7065150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
7075150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
7085150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
7095150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
7105150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
7115150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7125150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7135150.2258: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7145150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe0cb0000 LB 0x00034000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
7155150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7165150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
7175150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
7185150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
7195150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe1610000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
7205150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
7215150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
7225150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7235150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe3f20000 'C:\WINDOWS\System32\kernel32.dll'
7245150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7255150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7265150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe2510000 'C:\WINDOWS\System32\WINTRUST.DLL'
7275150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7285150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7295150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\CRYPT32.dll'
7305150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe4280000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
7315150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
7325150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
7335150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7345150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7355150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
7365150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe2c30000 LB 0x0009c000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
7375150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
7385150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
7395150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
7405150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7415150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
7425150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
7435150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
7445150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe0510000 LB 0x00023000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
7455150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7465150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
7475150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
7485150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe1b80000 LB 0x0001f000 C:\WINDOWS\SYSTEM32\profapi.dll [fFlags=0x0]
7495150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
7505150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7515150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
7525150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
7535150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
7545150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7555150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7565150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7575150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7585150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7595150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7605150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7615150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7625150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7635150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7645150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7655150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
7665150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
7675150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
7685150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
7695150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7705150.2258: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7715150.2258: supR3HardenedDllNotificationCallback: load 00007ffbdb580000 LB 0x00031000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
7725150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7735150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7745150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7755150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7765150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7775150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7785150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7795150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7805150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7815150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7825150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7835150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7845150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7855150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7865150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7875150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7885150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7895150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7905150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7915150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7925150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7935150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7945150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7955150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7965150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7975150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
7985150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
7995150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8005150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
8015150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\WINDOWS\System32\cryptnet.dll'
8025150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8035150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbdb580000 'C:\Windows\System32\cryptnet.dll'
8045150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe4440000 LB 0x000ae000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
8055150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8065150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
8075150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
8085150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
8095150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
8105150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8115150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8125150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8135150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8145150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
8155150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
8165150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
8175150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8185150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8195150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8205150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8215150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8225150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8235150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8245150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8255150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
8265150.2258: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000b7f710
8275150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7f710
8285150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A376E7D7B5555AE5BCEC63D70B1B80F8ED393B0C
8295150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8305150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8315150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe3970000 'C:\WINDOWS\System32\rpcrt4.dll'
8325150.2258: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
8335150.2258: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000b7ed50
8345150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7ed50
8355150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=CE34FEB7E8EB2EC060220A95A3F7A528604FFFAC3EB2DD6930150C807E235F4D
8365150.2258: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
8375150.2258: g_pfnWinVerifyTrust=00007ffbe2511ee0
8385150.2258: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
8395150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8405150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8415150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8425150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8435150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8445150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8455150.2258: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
8465150.2258: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
8475150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8485150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8495150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8505150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
8515150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8525150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8535150.2258: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
8545150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8555150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8565150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8575150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
8585150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8595150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8605150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
8615150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8625150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8635150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8645150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
8655150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8665150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8675150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
8685150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8695150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8705150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8715150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
8725150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8735150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8745150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8755150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
8765150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8775150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8785150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8795150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
8805150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8815150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8825150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8835150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
8845150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8855150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8865150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8875150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
8885150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8895150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8905150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8915150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
8925150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8935150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
8945150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
8955150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
8965150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8975150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
8985150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
8995150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9005150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
9015150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
9025150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9035150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
9045150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
9055150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9065150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
9075150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
9085150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9095150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
9105150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ucrtbase.dll'
9115150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9125150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
9135150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
9145150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9155150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
9165150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
9175150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9185150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
9195150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9205150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
9215150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9225150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
9235150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
9245150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
9255150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
9265150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
9275150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\system32\crypt32.dll'
9285150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xba02d0ab12c5ed00 CN=XBL Client IPsec Issuing CA
9295150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
9305150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
9315150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xc5b455799bfd2839 C=SG, ST=SG, L=SG, O=localhost, OU=localhost, CN=localhost, Email=localhost
9325150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
9335150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
9345150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
9355150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
9365150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x9546d06a8d70b800 CN=XBL Server IPsec Issuing CA
9375150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
9385150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
9395150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
9405150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
9415150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
9425150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
9435150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA
9445150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
9455150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x6e864c7a8071ba00 C=ES, O=FNMT-RCM, OU=AC RAIZ FNMT-RCM
9465150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
9475150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x50bb81640c01cb00 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
9485150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
9495150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
9505150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
9515150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4
9525150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
9535150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xbedf2fa01f59a400 C=TW, O=Chunghwa Telecom Co., Ltd., CN=ePKI Root Certification Authority - G2
9545150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2
9555150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x266e9b638ffac00 C=HK, O=Hongkong Post, CN=Hongkong Post Root CA 1
9565150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
9575150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
9585150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
9595150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
9605150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xc6536f24d57ae723 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
9615150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
9625150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
9635150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
9645150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xcb7d2ba3dd0ff900 C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA
9655150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
9665150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
9675150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
9685150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
9695150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
9705150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
9715150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xd41691e475fb8515 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority
9725150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x3178d37f87f1c400 C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2
9735150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
9745150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
9755150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xd578ca718078b200 C=US, O=Amazon, CN=Amazon Root CA 1
9765150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
9775150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
9785150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
9795150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xf966ca73e8079500 OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign
9805150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
9815150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x802b3770cb00af00 C=EU, L=Madrid (see current address at www.camerfirma.com/address), SRN=A82743287, O=AC Camerfirma S.A., CN=Chambers of Commerce Root - 2008
9825150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
9835150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
9845150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
9855150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x88db8dee0f25e100 C=TW, O=Chunghwa Telecom Co., Ltd., OU=ePKI Root Certification Authority
9865150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
9875150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
9885150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
9895150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
9905150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x16e64d2a56ccf200 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., OU=http://certificates.starfieldtech.com/repository/, CN=Starfield Services Root Certificate Authority
9915150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
9925150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
9935150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
9945150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
9955150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
9965150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
9975150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
9985150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
9995150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
10005150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
10015150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
10025150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
10035150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign
10045150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x1f78fc529cbacb00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G3
10055150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
10065150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
10075150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
10085150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
10095150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
10105150.2258: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
10115150.2258: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=83
10125150.2258: SUPR3HardenedMain: Load Runtime...
10135150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
10145150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
10155150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
10165150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
10175150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
10185150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
10195150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
10205150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10215150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
10225150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
10235150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
10245150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
10255150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
10265150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) WinVerifyTrust
10275150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
10285150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10295150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10305150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
10315150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
10325150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
10335150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
10345150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10355150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10365150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
10375150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
10385150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
10395150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
10405150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
10415150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10425150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10435150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
10445150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10455150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10465150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
10475150.2258: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10485150.2258: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
10495150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
10505150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
10515150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
10525150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
10535150.2258: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10545150.2258: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
10555150.2258: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
10565150.2258: supR3HardenedDllNotificationCallback: load 00000000765d0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
10575150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
10585150.2258: supR3HardenedDllNotificationCallback: load 0000000075a50000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
10595150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
10605150.2258: supR3HardenedDllNotificationCallback: load 00007ffbe30f0000 LB 0x0006b000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
10615150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
10625150.2258: supR3HardenedDllNotificationCallback: load 00007ffb475c0000 LB 0x005ec000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
10635150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10645150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10655150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10665150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10675150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10685150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10695150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10705150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10715150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10725150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10735150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10745150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10755150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10765150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10775150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10785150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10795150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10805150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10815150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10825150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10835150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10845150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10855150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10865150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10875150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10885150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10895150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10905150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10915150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10925150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10935150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10945150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
10955150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10965150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
10975150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10985150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
10995150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11005150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11015150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
11025150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11035150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11045150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11055150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11065150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11075150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11085150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11095150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11105150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11115150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11125150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11135150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11145150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11155150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11165150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11175150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11185150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11195150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11205150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11215150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11225150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11235150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11245150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11255150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11265150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11275150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11285150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11295150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11305150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11315150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11325150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11335150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11345150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11355150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11365150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11375150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11385150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11395150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11405150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11415150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11425150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11435150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
11445150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11455150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11465150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11475150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11485150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11495150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11505150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11515150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11525150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11535150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11545150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11555150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11565150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11575150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11585150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11595150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11605150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11615150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11625150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11635150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11645150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11655150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11665150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11675150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11685150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11695150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11705150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11715150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11725150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11735150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11745150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11755150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11765150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11775150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11785150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11795150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11805150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11815150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11825150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11835150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11845150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11855150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11865150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11875150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11885150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11895150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11905150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11915150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11925150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11935150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11945150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11955150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11965150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11975150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11985150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11995150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12005150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12015150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12025150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12035150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12045150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12055150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12065150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12075150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12085150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12095150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12105150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12115150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12125150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12135150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12145150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12155150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12165150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12175150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12185150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12195150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12205150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12215150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12225150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12235150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12245150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12255150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
12265150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12275150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12285150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12295150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12305150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12315150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12325150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12335150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12345150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12355150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12365150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12375150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12385150.2258: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12395150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12405150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffb475c0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12415150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
12425150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'
12435150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll
12445150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
12455150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe2510000 'C:\WINDOWS\system32\Wintrust.dll'
12465150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
12475150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
12485150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\system32\crypt32.dll'
12495150.2258: SUPR3HardenedMain: Load TrustedMain...
12505150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
12515150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
12525150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12535150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
12545150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
12555150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
12565150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
12575150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
12585150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
12595150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
12605150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
12615150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
12625150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
12635150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
12645150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
12655150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
12665150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
12675150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
12685150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
12695150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
12705150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
12715150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
12725150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
12735150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
12745150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) WinVerifyTrust
12755150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
12765150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
12775150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
12785150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12795150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12805150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
12815150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
12825150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
12835150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
12845150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
12855150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
12865150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) WinVerifyTrust
12875150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
12885150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
12895150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
12905150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12915150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12925150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
12935150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
12945150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
12955150.2258: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
12965150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
12975150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
12985150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
12995150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
13005150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
13015150.2258: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'.
13025150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll)
13035150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll
13045150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13055150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13065150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
13075150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
13085150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
13095150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #49 'gdi32.dll'.
13105150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'user32.dll'.
13115150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'.
13125150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) WinVerifyTrust
13135150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
13145150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13155150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13165150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
13175150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
13185150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
13195150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13205150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13215150.2258: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
13225150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
13235150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
13245150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
13255150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
13265150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13275150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13285150.2258: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
13295150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
13305150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
13315150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
13325150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13335150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13345150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13355150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13365150.2258: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\win32u.dll'.
13375150.2258: '\Device\HarddiskVolume4\Windows\System32\win32u.dll' has no imports
13385150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\win32u.dll)
13395150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\win32u.dll
13405150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13415150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13425150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13435150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13445150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13455150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
13465150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
13475150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
13485150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
13495150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
13505150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll) WinVerifyTrust
13515150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
13525150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
13535150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
13545150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13555150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13565150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13575150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13585150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume4\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13595150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\win32u.dll [lacks WinVerifyTrust]
13605150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
13615150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
13625150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
13635150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
13645150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
13655150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
13665150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
13675150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
13685150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
13695150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
13705150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
13715150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
13725150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
13735150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
13745150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
13755150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
13765150.2258: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
13775150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
13785150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
13795150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
13805150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
13815150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
13825150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
13835150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
13845150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
13855150.2258: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
13865150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
13875150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
13885150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
13895150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
13905150.2258: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
13915150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
13925150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
13935150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
13945150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
13955150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
13965150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
13975150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
13985150.2258: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
13995150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
14005150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
14015150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
14025150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
14035150.2258: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
14045150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
14055150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14065150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
14075150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
14085150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
14095150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
14105150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
14115150.2258: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
14125150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
14135150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14145150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14155150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
14165150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14175150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14185150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
14195150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14205150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14215150.2258: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
14225150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
14235150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #72 'user32.dll'.
14245150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #74 'gdi32.dll'.
14255150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
14265150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
14275150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14285150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14295150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14305150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14315150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14325150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
14335150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14345150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14355150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14365150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14375150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14385150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14395150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14405150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14415150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
14425150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14435150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14445150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
14455150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14465150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14475150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14485150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14495150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14505150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14515150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14525150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14535150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14545150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
14555150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
14565150.2258: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
14575150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14585150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
14595150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14605150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
14615150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'glu32.dll'.
14625150.2258: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
14635150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
14645150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14655150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
14665150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
14675150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14685150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14695150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
14705150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14715150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14725150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
14735150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
14745150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume4\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
14755150.2258: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\mpr.dll'.
14765150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mpr.dll)
14775150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mpr.dll
14785150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
14795150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
14805150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
14815150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
14825150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
14835150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
14845150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
14855150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
14865150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
14875150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14885150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14895150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
14905150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14915150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14925150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
14935150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
14945150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
14955150.2258: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
14965150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
14975150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
14985150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
14995150.2258: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
15005150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
15015150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15025150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15035150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15045150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15055150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15065150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
15075150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15085150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15095150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
15105150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15115150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15125150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
15135150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15145150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15155150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15165150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15175150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15185150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
15195150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
15205150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
15215150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
15225150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15235150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
15245150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
15255150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15265150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15275150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
15285150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15295150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15305150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
15315150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
15325150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
15335150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15345150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
15355150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
15365150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
15375150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
15385150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
15395150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
15405150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15415150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15425150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
15435150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15445150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15455150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
15465150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15475150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15485150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
15495150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15505150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
15515150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [lacks WinVerifyTrust]
15525150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15535150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15545150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
15555150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15565150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15575150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
15585150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15595150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15605150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
15615150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15625150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15635150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15645150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
15655150.2258: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
15665150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
15675150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
15685150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
15695150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
15705150.2258: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
15715150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15725150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15735150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
15745150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15755150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15765150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
15775150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
15785150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
15795150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
15805150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
15815150.2258: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
15825150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
15835150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
15845150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
15855150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
15865150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
15875150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
15885150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
15895150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
15905150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
15915150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
15925150.2258: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
15935150.2258: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
15945150.2258: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\UICommon.dll
15955150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15965150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
15975150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
15985150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000043c pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
15995150.2258: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b7f710
16005150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7f710
16015150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9139DEFC7B1B28F28787768304EA263590045C17
16025150.2258: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
16035150.2258: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000b7eed0
16045150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7eed0
16055150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9139DEFC7B1B28F28787768304EA263590045C17
16065150.2258: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
16075150.2258: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b7ed50
16085150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7ed50
16095150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=AB2381BCC82B710CD4B5CE32FE955AA757EF300FAA78D15AD8E4405E122BDFD8
16105150.2258: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
16115150.2258: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000b7ef90
16125150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7ef90
16135150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=AB2381BCC82B710CD4B5CE32FE955AA757EF300FAA78D15AD8E4405E122BDFD8
16145150.2258: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
16155150.2258: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
16165150.2258: supR3HardenedScreenImage/Imports: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
16175150.2258: Error (rc=0):
16185150.2258: supR3HardenedScreenImage/Imports: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2 \Device\HarddiskVolume4\Windows\System32\opengl32.dll
16195150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16205150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16215150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16225150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
16235150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
16245150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16255150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16265150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
16275150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16285150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
16295150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
16305150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16315150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16325150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
16335150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
16345150.2258: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
16355150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16365150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
16375150.2258: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
16385150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
16395150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
16405150.2258: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [redoing WinVerifyTrust]
16415150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
16425150.2258: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
16435150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
16445150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
16455150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
16465150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16475150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16485150.2258: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
16495150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16505150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16515150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
16525150.2258: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
16535150.2258: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
16545150.2258: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
16555150.2258: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
16565150.2258: Error (rc=0):
16575150.2258: supR3HardenedScreenImage/NtCreateSection: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x10 fAccess=0xd cHits=3 \Device\HarddiskVolume4\Windows\System32\opengl32.dll
16585150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
16595150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000420 pwszName=\Device\HarddiskVolume4\Windows\System32\glu32.dll
16605150.2258: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b7eed0
16615150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7eed0
16625150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=37D878D7DA7EAB0779C720A2A8214C25224C19F5
16635150.2258: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
16645150.2258: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000b7f4d0
16655150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7f4d0
16665150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=37D878D7DA7EAB0779C720A2A8214C25224C19F5
16675150.2258: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
16685150.2258: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000b7ef90
16695150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7ef90
16705150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=50A9D6B5C080686D42590B098C9474D0624F4FDB74DB30EB567E58B73179B968
16715150.2258: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
16725150.2258: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000b7f7d0
16735150.2258: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000b7f7d0
16745150.2258: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=50A9D6B5C080686D42590B098C9474D0624F4FDB74DB30EB567E58B73179B968
16755150.2258: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
16765150.2258: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
16775150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll'
16785150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
16795150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
16805150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\mpr.dll'
16815150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
16825150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
16835150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll'
16845150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
16855150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
16865150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\win32u.dll'
16875150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
16885150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
16895150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
16905150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
16915150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
16925150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcp_win.dll'
16935150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe0cb0000 'C:\WINDOWS\system32\rsaenh.dll'
16945150.2258: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffbe1d70000 'C:\WINDOWS\System32\crypt32.dll'
16955150.2258: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\combase.dll'
16965150.2258: Fatal error:
16975150.2258: supR3HardenedMainGetTrustedMain: LoadLibrary "C:\Program Files\Oracle\VirtualBox/VirtualBoxVM.dll" failed, rc=1790
16984200.2520: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 2523 ms, the end);
1699370.4960: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 3294 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy