VirtualBox

Ticket #20995: VBoxHardening_20220620_6.1.32.log

File VBoxHardening_20220620_6.1.32.log, 398.0 KB (added by Hercules Oberholzer, 2 years ago)

VM Hardening Log File - Successful v 6.1.32

Line 
11f94.56e0: Log file opened: 6.1.32r149290 g_hStartupLog=0000000000000084 g_uNtVerCombined=0xa04a6400
21f94.56e0: \SystemRoot\System32\ntdll.dll:
31f94.56e0: CreationTime: 2022-06-15T07:12:45.995641500Z
41f94.56e0: LastWriteTime: 2022-06-15T07:12:46.028826300Z
51f94.56e0: ChangeTime: 2022-06-15T07:20:32.304675400Z
61f94.56e0: FileAttributes: 0x20
71f94.56e0: Size: 0x1eef70
81f94.56e0: NT Headers: 0xe8
91f94.56e0: Timestamp: 0x77755782
101f94.56e0: Machine: 0x8664 - amd64
111f94.56e0: Timestamp: 0x77755782
121f94.56e0: Image Version: 10.0
131f94.56e0: SizeOfImage: 0x1f7000 (2060288)
141f94.56e0: Resource Dir: 0x185000 LB 0x700a0
151f94.56e0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
161f94.56e0: [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)]
171f94.56e0: ProductName: Microsoft® Windows® Operating System
181f94.56e0: ProductVersion: 10.0.19041.1741
191f94.56e0: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
201f94.56e0: FileDescription: NT Layer DLL
211f94.56e0: \SystemRoot\System32\kernel32.dll:
221f94.56e0: CreationTime: 2022-06-15T07:12:51.122564000Z
231f94.56e0: LastWriteTime: 2022-06-15T07:12:51.135251000Z
241f94.56e0: ChangeTime: 2022-06-15T07:20:32.326795500Z
251f94.56e0: FileAttributes: 0x20
261f94.56e0: Size: 0xbb038
271f94.56e0: NT Headers: 0xe8
281f94.56e0: Timestamp: 0x89f7051c
291f94.56e0: Machine: 0x8664 - amd64
301f94.56e0: Timestamp: 0x89f7051c
311f94.56e0: Image Version: 10.0
321f94.56e0: SizeOfImage: 0xbd000 (774144)
331f94.56e0: Resource Dir: 0xbb000 LB 0x520
341f94.56e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
351f94.56e0: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
361f94.56e0: ProductName: Microsoft® Windows® Operating System
371f94.56e0: ProductVersion: 10.0.19041.1741
381f94.56e0: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
391f94.56e0: FileDescription: Windows NT BASE API Client DLL
401f94.56e0: \SystemRoot\System32\KernelBase.dll:
411f94.56e0: CreationTime: 2022-06-15T07:12:46.608569600Z
421f94.56e0: LastWriteTime: 2022-06-15T07:12:46.662249700Z
431f94.56e0: ChangeTime: 2022-06-15T07:20:32.358064100Z
441f94.56e0: FileAttributes: 0x20
451f94.56e0: Size: 0x2cf630
461f94.56e0: NT Headers: 0xf0
471f94.56e0: Timestamp: 0xe9b4a91b
481f94.56e0: Machine: 0x8664 - amd64
491f94.56e0: Timestamp: 0xe9b4a91b
501f94.56e0: Image Version: 10.0
511f94.56e0: SizeOfImage: 0x2cd000 (2936832)
521f94.56e0: Resource Dir: 0x2a4000 LB 0x548
531f94.56e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
541f94.56e0: [Raw version resource data: 0x2a40b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
551f94.56e0: ProductName: Microsoft® Windows® Operating System
561f94.56e0: ProductVersion: 10.0.19041.1741
571f94.56e0: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
581f94.56e0: FileDescription: Windows NT BASE API Client DLL
591f94.56e0: \SystemRoot\System32\apisetschema.dll:
601f94.56e0: CreationTime: 2019-12-07T09:08:13.518339400Z
611f94.56e0: LastWriteTime: 2019-12-07T09:08:13.518339400Z
621f94.56e0: ChangeTime: 2022-06-15T07:13:24.525143600Z
631f94.56e0: FileAttributes: 0x20
641f94.56e0: Size: 0x1f538
651f94.56e0: NT Headers: 0xd0
661f94.56e0: Timestamp: 0x31288ce0
671f94.56e0: Machine: 0x8664 - amd64
681f94.56e0: Timestamp: 0x31288ce0
691f94.56e0: Image Version: 10.0
701f94.56e0: SizeOfImage: 0x20000 (131072)
711f94.56e0: Resource Dir: 0x1f000 LB 0x408
721f94.56e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
731f94.56e0: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
741f94.56e0: ProductName: Microsoft® Windows® Operating System
751f94.56e0: ProductVersion: 10.0.19041.1
761f94.56e0: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
771f94.56e0: FileDescription: ApiSet Schema DLL
781f94.56e0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
791f94.56e0: supR3HardenedWinFindAdversaries: 0x40
801f94.56e0: \SystemRoot\System32\drivers\klflt.sys:
811f94.56e0: CreationTime: 2021-05-13T10:49:42.912590000Z
821f94.56e0: LastWriteTime: 2022-02-15T09:41:57.093380000Z
831f94.56e0: ChangeTime: 2022-04-06T07:44:42.722035000Z
841f94.56e0: FileAttributes: 0x20
851f94.56e0: Size: 0x7f908
861f94.56e0: NT Headers: 0x108
871f94.56e0: Timestamp: 0x61be09cc
881f94.56e0: Machine: 0x8664 - amd64
891f94.56e0: Timestamp: 0x61be09cc
901f94.56e0: Image Version: 10.0
911f94.56e0: SizeOfImage: 0x8e000 (581632)
921f94.56e0: Resource Dir: 0x8b000 LB 0x438
931f94.56e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
941f94.56e0: [Raw version resource data: 0x8b060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
951f94.56e0: ProductName: Coretech Delivery
961f94.56e0: ProductVersion: 30.587.0.2440-ea8cc99253
971f94.56e0: FileVersion: 30.587.0.2440
981f94.56e0: FileDescription: Filter Core [fre_win7_x64]
991f94.56e0: \SystemRoot\System32\drivers\klif.sys:
1001f94.56e0: CreationTime: 2021-05-13T10:49:42.919571600Z
1011f94.56e0: LastWriteTime: 2022-02-15T09:41:58.183235000Z
1021f94.56e0: ChangeTime: 2022-04-06T07:44:42.708074300Z
1031f94.56e0: FileAttributes: 0x20
1041f94.56e0: Size: 0x100508
1051f94.56e0: NT Headers: 0xf0
1061f94.56e0: Timestamp: 0x61be09ec
1071f94.56e0: Machine: 0x8664 - amd64
1081f94.56e0: Timestamp: 0x61be09ec
1091f94.56e0: Image Version: 10.0
1101f94.56e0: SizeOfImage: 0x104000 (1064960)
1111f94.56e0: Resource Dir: 0xf7000 LB 0x6270
1121f94.56e0: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
1131f94.56e0: [Raw version resource data: 0xfce80 LB 0x3ec, codepage 0x0 (reserved 0x0)]
1141f94.56e0: ProductName: Coretech Delivery
1151f94.56e0: ProductVersion: 30.587.0.2440-ea8cc99253
1161f94.56e0: FileVersion: 30.587.0.2440
1171f94.56e0: FileDescription: Core System Interceptors [fre_win7_x64]
1181f94.56e0: \SystemRoot\System32\drivers\klim6.sys:
1191f94.56e0: CreationTime: 2021-02-19T19:08:56.000000000Z
1201f94.56e0: LastWriteTime: 2022-02-15T09:42:00.017038300Z
1211f94.56e0: ChangeTime: 2022-04-06T07:44:43.601153500Z
1221f94.56e0: FileAttributes: 0x20
1231f94.56e0: Size: 0x16310
1241f94.56e0: NT Headers: 0xe8
1251f94.56e0: Timestamp: 0xbec546be
1261f94.56e0: Machine: 0x8664 - amd64
1271f94.56e0: Timestamp: 0xbec546be
1281f94.56e0: Image Version: 10.0
1291f94.56e0: SizeOfImage: 0x16000 (90112)
1301f94.56e0: Resource Dir: 0x14000 LB 0x448
1311f94.56e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1321f94.56e0: [Raw version resource data: 0x14060 LB 0x3e8, codepage 0x0 (reserved 0x0)]
1331f94.56e0: ProductName: Coretech Delivery
1341f94.56e0: ProductVersion: 30.587.0.2440-ea8cc99253
1351f94.56e0: FileVersion: 30.587.0.2440
1361f94.56e0: FileDescription: Packet Network Filter [fre_win7_x64]
1371f94.56e0: \SystemRoot\System32\drivers\klkbdflt.sys:
1381f94.56e0: CreationTime: 2021-02-19T19:08:58.000000000Z
1391f94.56e0: LastWriteTime: 2022-02-15T09:42:00.724728600Z
1401f94.56e0: ChangeTime: 2022-04-06T07:44:48.598403500Z
1411f94.56e0: FileAttributes: 0x20
1421f94.56e0: Size: 0x19918
1431f94.56e0: NT Headers: 0xe0
1441f94.56e0: Timestamp: 0x61be09be
1451f94.56e0: Machine: 0x8664 - amd64
1461f94.56e0: Timestamp: 0x61be09be
1471f94.56e0: Image Version: 10.0
1481f94.56e0: SizeOfImage: 0x19000 (102400)
1491f94.56e0: Resource Dir: 0x17000 LB 0x450
1501f94.56e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1511f94.56e0: [Raw version resource data: 0x17060 LB 0x3f0, codepage 0x0 (reserved 0x0)]
1521f94.56e0: ProductName: Coretech Delivery
1531f94.56e0: ProductVersion: 30.587.0.2440-ea8cc99253
1541f94.56e0: FileVersion: 30.587.0.2440
1551f94.56e0: FileDescription: Keyboard Device Filter [fre_win7_x64]
1561f94.56e0: \SystemRoot\System32\drivers\klmouflt.sys:
1571f94.56e0: CreationTime: 2021-02-19T19:08:58.000000000Z
1581f94.56e0: LastWriteTime: 2022-02-15T09:42:01.438880200Z
1591f94.56e0: ChangeTime: 2022-04-06T07:44:48.730080200Z
1601f94.56e0: FileAttributes: 0x20
1611f94.56e0: Size: 0x1a340
1621f94.56e0: NT Headers: 0xe0
1631f94.56e0: Timestamp: 0x61be09c0
1641f94.56e0: Machine: 0x8664 - amd64
1651f94.56e0: Timestamp: 0x61be09c0
1661f94.56e0: Image Version: 10.0
1671f94.56e0: SizeOfImage: 0x1a000 (106496)
1681f94.56e0: Resource Dir: 0x18000 LB 0x450
1691f94.56e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1701f94.56e0: [Raw version resource data: 0x18060 LB 0x3ec, codepage 0x0 (reserved 0x0)]
1711f94.56e0: ProductName: Coretech Delivery
1721f94.56e0: ProductVersion: 30.587.0.2440-ea8cc99253
1731f94.56e0: FileVersion: 30.587.0.2440
1741f94.56e0: FileDescription: Mouse Device Filter [fre_win7_x64]
1751f94.56e0: \SystemRoot\System32\drivers\kneps.sys:
1761f94.56e0: CreationTime: 2021-02-19T19:09:02.000000000Z
1771f94.56e0: LastWriteTime: 2022-02-15T09:42:07.821905000Z
1781f94.56e0: ChangeTime: 2022-04-06T07:44:47.931125100Z
1791f94.56e0: FileAttributes: 0x20
1801f94.56e0: Size: 0x47f18
1811f94.56e0: NT Headers: 0xf8
1821f94.56e0: Timestamp: 0xa54ea334
1831f94.56e0: Machine: 0x8664 - amd64
1841f94.56e0: Timestamp: 0xa54ea334
1851f94.56e0: Image Version: 10.0
1861f94.56e0: SizeOfImage: 0x49000 (299008)
1871f94.56e0: Resource Dir: 0x46000 LB 0x440
1881f94.56e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
1891f94.56e0: [Raw version resource data: 0x46060 LB 0x3e0, codepage 0x0 (reserved 0x0)]
1901f94.56e0: ProductName: Coretech Delivery
1911f94.56e0: ProductVersion: 30.587.0.2590-43f0624237
1921f94.56e0: FileVersion: 30.587.0.2590
1931f94.56e0: FileDescription: Network Processor [fre_win7_x64]
1941f94.56e0: \SystemRoot\System32\klfphc.dll:
1951f94.56e0: CreationTime: 2021-05-13T10:49:52.484156200Z
1961f94.56e0: LastWriteTime: 2021-02-19T19:09:00.000000000Z
1971f94.56e0: ChangeTime: 2021-05-13T10:49:44.939306600Z
1981f94.56e0: FileAttributes: 0x20
1991f94.56e0: Size: 0x1ae60
2001f94.56e0: NT Headers: 0xe8
2011f94.56e0: Timestamp: 0x51873bf2
2021f94.56e0: Machine: 0x8664 - amd64
2031f94.56e0: Timestamp: 0x51873bf2
2041f94.56e0: Image Version: 0.0
2051f94.56e0: SizeOfImage: 0x1d000 (118784)
2061f94.56e0: Resource Dir: 0x18000 LB 0x3c80
2071f94.56e0: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
2081f94.56e0: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
2091f94.56e0: ProductName: Kaspersky™ Anti-Virus ®
2101f94.56e0: ProductVersion: 1.0.0.12
2111f94.56e0: FileVersion: 1.0.0.12
2121f94.56e0: FileDescription: Filtering Platform Helper Class
2131f94.56e0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox'
2141f94.56e0: Calling main()
2151f94.56e0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
2161f94.56e0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox'
2171f94.56e0: SUPR3HardenedMain: Respawn #1
2181f94.56e0: System32: \Device\HarddiskVolume15\Windows\System32
2191f94.56e0: WinSxS: \Device\HarddiskVolume15\Windows\WinSxS
2201f94.56e0: KnownDllPath: C:\Windows\System32
2211f94.56e0: supR3HardenedWinInit: Performing a limited self purification...
2221f94.56e0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
2231f94.56e0: *0000000000000000-0000000000e3ffff 0x0001/0x0000 0x0000000
2241f94.56e0: *0000000000e40000-0000000000e4ffff 0x0004/0x0004 0x0040000
2251f94.56e0: 0000000000e50000-0000000000e5ffff 0x0001/0x0000 0x0000000
2261f94.56e0: *0000000000e60000-0000000000e7cfff 0x0002/0x0002 0x0040000
2271f94.56e0: 0000000000e7d000-0000000000e7ffff 0x0001/0x0000 0x0000000
2281f94.56e0: *0000000000e80000-0000000000f30fff 0x0000/0x0004 0x0020000
2291f94.56e0: 0000000000f31000-0000000000f33fff 0x0104/0x0004 0x0020000
2301f94.56e0: 0000000000f34000-0000000000f7ffff 0x0004/0x0004 0x0020000
2311f94.56e0: *0000000000f80000-0000000000f83fff 0x0002/0x0002 0x0040000
2321f94.56e0: 0000000000f84000-0000000000f8ffff 0x0001/0x0000 0x0000000
2331f94.56e0: *0000000000f90000-0000000000f91fff 0x0004/0x0004 0x0020000
2341f94.56e0: 0000000000f92000-0000000000ffffff 0x0001/0x0000 0x0000000
2351f94.56e0: *0000000001000000-000000000111efff 0x0000/0x0004 0x0020000
2361f94.56e0: 000000000111f000-0000000001121fff 0x0004/0x0004 0x0020000
2371f94.56e0: 0000000001122000-00000000011fffff 0x0000/0x0004 0x0020000
2381f94.56e0: 0000000001200000-000000000124ffff 0x0001/0x0000 0x0000000
2391f94.56e0: *0000000001250000-0000000001254fff 0x0004/0x0004 0x0020000
2401f94.56e0: 0000000001255000-000000000134ffff 0x0000/0x0004 0x0020000
2411f94.56e0: *0000000001350000-0000000001418fff 0x0002/0x0002 0x0040000
2421f94.56e0: 0000000001419000-000000000141ffff 0x0001/0x0000 0x0000000
2431f94.56e0: *0000000001420000-0000000001421fff 0x0004/0x0004 0x0020000
2441f94.56e0: 0000000001422000-0000000001481fff 0x0000/0x0004 0x0020000
2451f94.56e0: 0000000001482000-000000000157ffff 0x0001/0x0000 0x0000000
2461f94.56e0: *0000000001580000-000000000158efff 0x0004/0x0004 0x0020000
2471f94.56e0: 000000000158f000-000000000158ffff 0x0000/0x0004 0x0020000
2481f94.56e0: *0000000001590000-0000000001590fff 0x0000/0x0004 0x0020000
2491f94.56e0: 0000000001591000-0000000001788fff 0x0004/0x0004 0x0020000
2501f94.56e0: 0000000001789000-0000000001789fff 0x0000/0x0004 0x0020000
2511f94.56e0: 000000000178a000-000000000178ffff 0x0001/0x0000 0x0000000
2521f94.56e0: *0000000001790000-00000000017b6fff 0x0004/0x0004 0x0020000
2531f94.56e0: 00000000017b7000-000000000188ffff 0x0000/0x0004 0x0020000
2541f94.56e0: 0000000001890000-000000007ffdffff 0x0001/0x0000 0x0000000
2551f94.56e0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
2561f94.56e0: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000
2571f94.56e0: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000
2581f94.56e0: 000000007ffea000-00007ff4296dffff 0x0001/0x0000 0x0000000
2591f94.56e0: *00007ff4296e0000-00007ff4296e4fff 0x0002/0x0002 0x0040000
2601f94.56e0: 00007ff4296e5000-00007ff4297dffff 0x0000/0x0002 0x0040000
2611f94.56e0: *00007ff4297e0000-00007ff5297fffff 0x0000/0x0004 0x0020000
2621f94.56e0: *00007ff529800000-00007ff52b7fffff 0x0000/0x0004 0x0020000
2631f94.56e0: 00007ff52b800000-00007ff52b800fff 0x0004/0x0004 0x0020000
2641f94.56e0: 00007ff52b801000-00007ff52b80ffff 0x0001/0x0000 0x0000000
2651f94.56e0: *00007ff52b810000-00007ff52b810fff 0x0002/0x0002 0x0040000
2661f94.56e0: 00007ff52b811000-00007ff52b81ffff 0x0001/0x0000 0x0000000
2671f94.56e0: *00007ff52b820000-00007ff52b842fff 0x0002/0x0002 0x0040000
2681f94.56e0: 00007ff52b843000-00007ff607f1ffff 0x0001/0x0000 0x0000000
2691f94.56e0: *00007ff607f20000-00007ff607f20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2701f94.56e0: 00007ff607f21000-00007ff607f97fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2711f94.56e0: 00007ff607f98000-00007ff607f98fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2721f94.56e0: 00007ff607f99000-00007ff607fe1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2731f94.56e0: 00007ff607fe2000-00007ff607fe4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2741f94.56e0: 00007ff607fe5000-00007ff607fe7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2751f94.56e0: 00007ff607fe8000-00007ff607feafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2761f94.56e0: 00007ff607feb000-00007ff607febfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2771f94.56e0: 00007ff607fec000-00007ff607fedfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2781f94.56e0: 00007ff607fee000-00007ff607feefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2791f94.56e0: 00007ff607fef000-00007ff608037fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
2801f94.56e0: 00007ff608038000-00007ffccf93ffff 0x0001/0x0000 0x0000000
2811f94.56e0: *00007ffccf940000-00007ffccf940fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\KernelBase.dll
2821f94.56e0: 00007ffccf941000-00007ffccfa55fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\KernelBase.dll
2831f94.56e0: 00007ffccfa56000-00007ffccfbcefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\KernelBase.dll
2841f94.56e0: 00007ffccfbcf000-00007ffccfbd2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\KernelBase.dll
2851f94.56e0: 00007ffccfbd3000-00007ffccfbd3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\KernelBase.dll
2861f94.56e0: 00007ffccfbd4000-00007ffccfc0cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\KernelBase.dll
2871f94.56e0: 00007ffccfc0d000-00007ffcd12fffff 0x0001/0x0000 0x0000000
2881f94.56e0: *00007ffcd1300000-00007ffcd1300fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2891f94.56e0: 00007ffcd1301000-00007ffcd137efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2901f94.56e0: 00007ffcd137f000-00007ffcd13b1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2911f94.56e0: 00007ffcd13b2000-00007ffcd13b2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2921f94.56e0: 00007ffcd13b3000-00007ffcd13b3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2931f94.56e0: 00007ffcd13b4000-00007ffcd13bcfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2941f94.56e0: 00007ffcd13bd000-00007ffcd1f0ffff 0x0001/0x0000 0x0000000
2951f94.56e0: *00007ffcd1f10000-00007ffcd1f10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
2961f94.56e0: 00007ffcd1f11000-00007ffcd202bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
2971f94.56e0: 00007ffcd202c000-00007ffcd2074fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
2981f94.56e0: 00007ffcd2075000-00007ffcd2075fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
2991f94.56e0: 00007ffcd2076000-00007ffcd2077fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3001f94.56e0: 00007ffcd2078000-00007ffcd2080fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3011f94.56e0: 00007ffcd2081000-00007ffcd2106fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3021f94.56e0: 00007ffcd2107000-00007ffffffeffff 0x0001/0x0000 0x0000000
3031f94.56e0: kernel32.dll: timestamp 0x89f7051c (rc=VINF_SUCCESS)
3041f94.56e0: kernelbase.dll: timestamp 0xe9b4a91b (rc=VINF_SUCCESS)
3051f94.56e0: VirtualBoxVM.exe: timestamp 0x61e55350 (rc=VINF_SUCCESS)
3061f94.56e0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
3071f94.56e0: '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
3081f94.56e0: '\Device\HarddiskVolume15\Windows\System32\ntdll.dll' has no imports
3091f94.56e0: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
3101f94.56e0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
3111f94.56e0: '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
3121f94.56e0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
3131f94.56e0: supR3HardNtEnableThreadCreationEx:
3141f94.56e0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffcd1f84b00 pvNtTerminateThread=00007ffcd1fad790
3151f94.56e0: supR3HardenedWinDoReSpawn(1): New child a9c.35c4 [kernel32].
3161f94.56e0: supR3HardNtChildGatherData: PebBaseAddress=0000000000417000 cbPeb=0x388
3171f94.56e0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffcd1f10000 uNtDllChildAddr=00007ffcd1f10000
3181f94.56e0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffcd1f84b00
3191f94.56e0: supR3HardenedWinSetupChildInit: Initial context:
320 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff607f27900 rdx=0000000000417000
321 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
322 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
323 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
324 rip=00007ffcd1f62630 rsp=000000000073fc18 rbp=0000000000000000 ctxflags=0010001b
325 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
326 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
327 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
328 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
329 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
3301f94.56e0: supR3HardenedWinSetupChildInit: Start child.
3311f94.56e0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
3321f94.56e0: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 33 sleeps
3331f94.56e0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
3341f94.56e0: *0000000000000000-00000000003fffff 0x0001/0x0000 0x0000000
3351f94.56e0: *0000000000400000-0000000000416fff 0x0000/0x0004 0x0020000
3361f94.56e0: 0000000000417000-0000000000419fff 0x0004/0x0004 0x0020000
3371f94.56e0: 000000000041a000-00000000005fffff 0x0000/0x0004 0x0020000
3381f94.56e0: *0000000000600000-000000000061ffff 0x0004/0x0004 0x0020000
3391f94.56e0: *0000000000620000-000000000063cfff 0x0002/0x0002 0x0040000
3401f94.56e0: 000000000063d000-000000000063ffff 0x0001/0x0000 0x0000000
3411f94.56e0: *0000000000640000-000000000073afff 0x0000/0x0004 0x0020000
3421f94.56e0: 000000000073b000-000000000073dfff 0x0104/0x0004 0x0020000
3431f94.56e0: 000000000073e000-000000000073ffff 0x0004/0x0004 0x0020000
3441f94.56e0: *0000000000740000-0000000000743fff 0x0002/0x0002 0x0040000
3451f94.56e0: 0000000000744000-000000000074ffff 0x0001/0x0000 0x0000000
3461f94.56e0: *0000000000750000-0000000000751fff 0x0004/0x0004 0x0020000
3471f94.56e0: 0000000000752000-000000007ffdffff 0x0001/0x0000 0x0000000
3481f94.56e0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
3491f94.56e0: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000
3501f94.56e0: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000
3511f94.56e0: 000000007ffea000-00007ff5aab9ffff 0x0001/0x0000 0x0000000
3521f94.56e0: *00007ff5aaba0000-00007ff5aaba0fff 0x0002/0x0002 0x0040000
3531f94.56e0: 00007ff5aaba1000-00007ff5aabaffff 0x0001/0x0000 0x0000000
3541f94.56e0: *00007ff5aabb0000-00007ff5aabd2fff 0x0002/0x0002 0x0040000
3551f94.56e0: 00007ff5aabd3000-00007ff607f1ffff 0x0001/0x0000 0x0000000
3561f94.56e0: *00007ff607f20000-00007ff607f20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3571f94.56e0: 00007ff607f21000-00007ff607f97fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3581f94.56e0: 00007ff607f98000-00007ff607f98fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3591f94.56e0: 00007ff607f99000-00007ff607fe1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3601f94.56e0: 00007ff607fe2000-00007ff607fe2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3611f94.56e0: 00007ff607fe3000-00007ff607fe3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3621f94.56e0: 00007ff607fe4000-00007ff607fe8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3631f94.56e0: 00007ff607fe9000-00007ff607fe9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3641f94.56e0: 00007ff607fea000-00007ff607feafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3651f94.56e0: 00007ff607feb000-00007ff607feefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3661f94.56e0: 00007ff607fef000-00007ff608037fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
3671f94.56e0: 00007ff608038000-00007ffcd1f0ffff 0x0001/0x0000 0x0000000
3681f94.56e0: *00007ffcd1f10000-00007ffcd1f10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3691f94.56e0: 00007ffcd1f11000-00007ffcd202bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3701f94.56e0: 00007ffcd202c000-00007ffcd2074fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3711f94.56e0: 00007ffcd2075000-00007ffcd2080fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3721f94.56e0: 00007ffcd2081000-00007ffcd208ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3731f94.56e0: 00007ffcd2090000-00007ffcd2090fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3741f94.56e0: 00007ffcd2091000-00007ffcd2093fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3751f94.56e0: 00007ffcd2094000-00007ffcd2106fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
3761f94.56e0: 00007ffcd2107000-00007ffffffeffff 0x0001/0x0000 0x0000000
3771f94.56e0: supR3HardNtChildPurify: Done after 521 ms and 0 fixes (loop #0).
378a9c.35c4: Log file opened: 6.1.32r149290 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6400
379a9c.35c4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffcd1f10000 g_uNtVerCombined=0xa04a6400 (stack ~000000000073f6a8)
380a9c.35c4: ntdll.dll: timestamp 0x77755782 (rc=VINF_SUCCESS)
381a9c.35c4: New simple heap: #1 0000000000860000 LB 0x400000 (for 2060288 allocation)
3821f94.56e0: supR3HardNtEnableThreadCreationEx:
383a9c.35c4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox'
384a9c.35c4: System32: \Device\HarddiskVolume15\Windows\System32
385a9c.35c4: WinSxS: \Device\HarddiskVolume15\Windows\WinSxS
386a9c.35c4: KnownDllPath: C:\Windows\System32
387a9c.35c4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
388a9c.35c4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
389a9c.35c4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
390a9c.35c4: Registered Dll notification callback with NTDLL.
391a9c.35c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\kernel32.dll)
392a9c.35c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\kernel32.dll
393a9c.35c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
394a9c.35c4: supR3HardenedDllNotificationCallback: load 00007ffccf940000 LB 0x002cd000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
395a9c.35c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\KernelBase.dll)
396a9c.35c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\KernelBase.dll
397a9c.35c4: supR3HardenedDllNotificationCallback: load 00007ffcd1300000 LB 0x000bd000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
398a9c.35c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
399a9c.35c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd1300000 'C:\Windows\System32\KERNEL32.DLL'
400a9c.35c4: supR3HardenedDllNotificationCallback: load 00007ff607f20000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
401a9c.35c4: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
402a9c.35c4: '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
403a9c.35c4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
404a9c.35c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
405a9c.35c4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffcd1f84b00 pvNtTerminateThread=00007ffcd1fad790
4061f94.56e0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 79 ms.
407a9c.35c4: \SystemRoot\System32\ntdll.dll:
408a9c.35c4: CreationTime: 2022-06-15T07:12:45.995641500Z
409a9c.35c4: LastWriteTime: 2022-06-15T07:12:46.028826300Z
410a9c.35c4: ChangeTime: 2022-06-15T07:20:32.304675400Z
411a9c.35c4: FileAttributes: 0x20
412a9c.35c4: Size: 0x1eef70
413a9c.35c4: NT Headers: 0xe8
414a9c.35c4: Timestamp: 0x77755782
415a9c.35c4: Machine: 0x8664 - amd64
416a9c.35c4: Timestamp: 0x77755782
417a9c.35c4: Image Version: 10.0
418a9c.35c4: SizeOfImage: 0x1f7000 (2060288)
419a9c.35c4: Resource Dir: 0x185000 LB 0x700a0
420a9c.35c4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
421a9c.35c4: [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)]
422a9c.35c4: ProductName: Microsoft® Windows® Operating System
423a9c.35c4: ProductVersion: 10.0.19041.1741
424a9c.35c4: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
425a9c.35c4: FileDescription: NT Layer DLL
426a9c.35c4: \SystemRoot\System32\kernel32.dll:
427a9c.35c4: CreationTime: 2022-06-15T07:12:51.122564000Z
428a9c.35c4: LastWriteTime: 2022-06-15T07:12:51.135251000Z
429a9c.35c4: ChangeTime: 2022-06-15T07:20:32.326795500Z
430a9c.35c4: FileAttributes: 0x20
431a9c.35c4: Size: 0xbb038
432a9c.35c4: NT Headers: 0xe8
433a9c.35c4: Timestamp: 0x89f7051c
434a9c.35c4: Machine: 0x8664 - amd64
435a9c.35c4: Timestamp: 0x89f7051c
436a9c.35c4: Image Version: 10.0
437a9c.35c4: SizeOfImage: 0xbd000 (774144)
438a9c.35c4: Resource Dir: 0xbb000 LB 0x520
439a9c.35c4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
440a9c.35c4: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
441a9c.35c4: ProductName: Microsoft® Windows® Operating System
442a9c.35c4: ProductVersion: 10.0.19041.1741
443a9c.35c4: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
444a9c.35c4: FileDescription: Windows NT BASE API Client DLL
445a9c.35c4: \SystemRoot\System32\KernelBase.dll:
446a9c.35c4: CreationTime: 2022-06-15T07:12:46.608569600Z
447a9c.35c4: LastWriteTime: 2022-06-15T07:12:46.662249700Z
448a9c.35c4: ChangeTime: 2022-06-15T07:20:32.358064100Z
449a9c.35c4: FileAttributes: 0x20
450a9c.35c4: Size: 0x2cf630
451a9c.35c4: NT Headers: 0xf0
452a9c.35c4: Timestamp: 0xe9b4a91b
453a9c.35c4: Machine: 0x8664 - amd64
454a9c.35c4: Timestamp: 0xe9b4a91b
455a9c.35c4: Image Version: 10.0
456a9c.35c4: SizeOfImage: 0x2cd000 (2936832)
457a9c.35c4: Resource Dir: 0x2a4000 LB 0x548
458a9c.35c4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
459a9c.35c4: [Raw version resource data: 0x2a40b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
460a9c.35c4: ProductName: Microsoft® Windows® Operating System
461a9c.35c4: ProductVersion: 10.0.19041.1741
462a9c.35c4: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
463a9c.35c4: FileDescription: Windows NT BASE API Client DLL
464a9c.35c4: \SystemRoot\System32\apisetschema.dll:
465a9c.35c4: CreationTime: 2019-12-07T09:08:13.518339400Z
466a9c.35c4: LastWriteTime: 2019-12-07T09:08:13.518339400Z
467a9c.35c4: ChangeTime: 2022-06-15T07:13:24.525143600Z
468a9c.35c4: FileAttributes: 0x20
469a9c.35c4: Size: 0x1f538
470a9c.35c4: NT Headers: 0xd0
471a9c.35c4: Timestamp: 0x31288ce0
472a9c.35c4: Machine: 0x8664 - amd64
473a9c.35c4: Timestamp: 0x31288ce0
474a9c.35c4: Image Version: 10.0
475a9c.35c4: SizeOfImage: 0x20000 (131072)
476a9c.35c4: Resource Dir: 0x1f000 LB 0x408
477a9c.35c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
478a9c.35c4: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
479a9c.35c4: ProductName: Microsoft® Windows® Operating System
480a9c.35c4: ProductVersion: 10.0.19041.1
481a9c.35c4: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
482a9c.35c4: FileDescription: ApiSet Schema DLL
483a9c.35c4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
484a9c.35c4: supR3HardenedWinFindAdversaries: 0x40
485a9c.35c4: \SystemRoot\System32\drivers\klflt.sys:
486a9c.35c4: CreationTime: 2021-05-13T10:49:42.912590000Z
487a9c.35c4: LastWriteTime: 2022-02-15T09:41:57.093380000Z
488a9c.35c4: ChangeTime: 2022-04-06T07:44:42.722035000Z
489a9c.35c4: FileAttributes: 0x20
490a9c.35c4: Size: 0x7f908
491a9c.35c4: NT Headers: 0x108
492a9c.35c4: Timestamp: 0x61be09cc
493a9c.35c4: Machine: 0x8664 - amd64
494a9c.35c4: Timestamp: 0x61be09cc
495a9c.35c4: Image Version: 10.0
496a9c.35c4: SizeOfImage: 0x8e000 (581632)
497a9c.35c4: Resource Dir: 0x8b000 LB 0x438
498a9c.35c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
499a9c.35c4: [Raw version resource data: 0x8b060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
500a9c.35c4: ProductName: Coretech Delivery
501a9c.35c4: ProductVersion: 30.587.0.2440-ea8cc99253
502a9c.35c4: FileVersion: 30.587.0.2440
503a9c.35c4: FileDescription: Filter Core [fre_win7_x64]
504a9c.35c4: \SystemRoot\System32\drivers\klif.sys:
505a9c.35c4: CreationTime: 2021-05-13T10:49:42.919571600Z
506a9c.35c4: LastWriteTime: 2022-02-15T09:41:58.183235000Z
507a9c.35c4: ChangeTime: 2022-04-06T07:44:42.708074300Z
508a9c.35c4: FileAttributes: 0x20
509a9c.35c4: Size: 0x100508
510a9c.35c4: NT Headers: 0xf0
511a9c.35c4: Timestamp: 0x61be09ec
512a9c.35c4: Machine: 0x8664 - amd64
513a9c.35c4: Timestamp: 0x61be09ec
514a9c.35c4: Image Version: 10.0
515a9c.35c4: SizeOfImage: 0x104000 (1064960)
516a9c.35c4: Resource Dir: 0xf7000 LB 0x6270
517a9c.35c4: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
518a9c.35c4: [Raw version resource data: 0xfce80 LB 0x3ec, codepage 0x0 (reserved 0x0)]
519a9c.35c4: ProductName: Coretech Delivery
520a9c.35c4: ProductVersion: 30.587.0.2440-ea8cc99253
521a9c.35c4: FileVersion: 30.587.0.2440
522a9c.35c4: FileDescription: Core System Interceptors [fre_win7_x64]
523a9c.35c4: \SystemRoot\System32\drivers\klim6.sys:
524a9c.35c4: CreationTime: 2021-02-19T19:08:56.000000000Z
525a9c.35c4: LastWriteTime: 2022-02-15T09:42:00.017038300Z
526a9c.35c4: ChangeTime: 2022-04-06T07:44:43.601153500Z
527a9c.35c4: FileAttributes: 0x20
528a9c.35c4: Size: 0x16310
529a9c.35c4: NT Headers: 0xe8
530a9c.35c4: Timestamp: 0xbec546be
531a9c.35c4: Machine: 0x8664 - amd64
532a9c.35c4: Timestamp: 0xbec546be
533a9c.35c4: Image Version: 10.0
534a9c.35c4: SizeOfImage: 0x16000 (90112)
535a9c.35c4: Resource Dir: 0x14000 LB 0x448
536a9c.35c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
537a9c.35c4: [Raw version resource data: 0x14060 LB 0x3e8, codepage 0x0 (reserved 0x0)]
538a9c.35c4: ProductName: Coretech Delivery
539a9c.35c4: ProductVersion: 30.587.0.2440-ea8cc99253
540a9c.35c4: FileVersion: 30.587.0.2440
541a9c.35c4: FileDescription: Packet Network Filter [fre_win7_x64]
542a9c.35c4: \SystemRoot\System32\drivers\klkbdflt.sys:
543a9c.35c4: CreationTime: 2021-02-19T19:08:58.000000000Z
544a9c.35c4: LastWriteTime: 2022-02-15T09:42:00.724728600Z
545a9c.35c4: ChangeTime: 2022-04-06T07:44:48.598403500Z
546a9c.35c4: FileAttributes: 0x20
547a9c.35c4: Size: 0x19918
548a9c.35c4: NT Headers: 0xe0
549a9c.35c4: Timestamp: 0x61be09be
550a9c.35c4: Machine: 0x8664 - amd64
551a9c.35c4: Timestamp: 0x61be09be
552a9c.35c4: Image Version: 10.0
553a9c.35c4: SizeOfImage: 0x19000 (102400)
554a9c.35c4: Resource Dir: 0x17000 LB 0x450
555a9c.35c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
556a9c.35c4: [Raw version resource data: 0x17060 LB 0x3f0, codepage 0x0 (reserved 0x0)]
557a9c.35c4: ProductName: Coretech Delivery
558a9c.35c4: ProductVersion: 30.587.0.2440-ea8cc99253
559a9c.35c4: FileVersion: 30.587.0.2440
560a9c.35c4: FileDescription: Keyboard Device Filter [fre_win7_x64]
561a9c.35c4: \SystemRoot\System32\drivers\klmouflt.sys:
562a9c.35c4: CreationTime: 2021-02-19T19:08:58.000000000Z
563a9c.35c4: LastWriteTime: 2022-02-15T09:42:01.438880200Z
564a9c.35c4: ChangeTime: 2022-04-06T07:44:48.730080200Z
565a9c.35c4: FileAttributes: 0x20
566a9c.35c4: Size: 0x1a340
567a9c.35c4: NT Headers: 0xe0
568a9c.35c4: Timestamp: 0x61be09c0
569a9c.35c4: Machine: 0x8664 - amd64
570a9c.35c4: Timestamp: 0x61be09c0
571a9c.35c4: Image Version: 10.0
572a9c.35c4: SizeOfImage: 0x1a000 (106496)
573a9c.35c4: Resource Dir: 0x18000 LB 0x450
574a9c.35c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
575a9c.35c4: [Raw version resource data: 0x18060 LB 0x3ec, codepage 0x0 (reserved 0x0)]
576a9c.35c4: ProductName: Coretech Delivery
577a9c.35c4: ProductVersion: 30.587.0.2440-ea8cc99253
578a9c.35c4: FileVersion: 30.587.0.2440
579a9c.35c4: FileDescription: Mouse Device Filter [fre_win7_x64]
580a9c.35c4: \SystemRoot\System32\drivers\kneps.sys:
581a9c.35c4: CreationTime: 2021-02-19T19:09:02.000000000Z
582a9c.35c4: LastWriteTime: 2022-02-15T09:42:07.821905000Z
583a9c.35c4: ChangeTime: 2022-04-06T07:44:47.931125100Z
584a9c.35c4: FileAttributes: 0x20
585a9c.35c4: Size: 0x47f18
586a9c.35c4: NT Headers: 0xf8
587a9c.35c4: Timestamp: 0xa54ea334
588a9c.35c4: Machine: 0x8664 - amd64
589a9c.35c4: Timestamp: 0xa54ea334
590a9c.35c4: Image Version: 10.0
591a9c.35c4: SizeOfImage: 0x49000 (299008)
592a9c.35c4: Resource Dir: 0x46000 LB 0x440
593a9c.35c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
594a9c.35c4: [Raw version resource data: 0x46060 LB 0x3e0, codepage 0x0 (reserved 0x0)]
595a9c.35c4: ProductName: Coretech Delivery
596a9c.35c4: ProductVersion: 30.587.0.2590-43f0624237
597a9c.35c4: FileVersion: 30.587.0.2590
598a9c.35c4: FileDescription: Network Processor [fre_win7_x64]
599a9c.35c4: \SystemRoot\System32\klfphc.dll:
600a9c.35c4: CreationTime: 2021-05-13T10:49:52.484156200Z
601a9c.35c4: LastWriteTime: 2021-02-19T19:09:00.000000000Z
602a9c.35c4: ChangeTime: 2021-05-13T10:49:44.939306600Z
603a9c.35c4: FileAttributes: 0x20
604a9c.35c4: Size: 0x1ae60
605a9c.35c4: NT Headers: 0xe8
606a9c.35c4: Timestamp: 0x51873bf2
607a9c.35c4: Machine: 0x8664 - amd64
608a9c.35c4: Timestamp: 0x51873bf2
609a9c.35c4: Image Version: 0.0
610a9c.35c4: SizeOfImage: 0x1d000 (118784)
611a9c.35c4: Resource Dir: 0x18000 LB 0x3c80
612a9c.35c4: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
613a9c.35c4: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
614a9c.35c4: ProductName: Kaspersky™ Anti-Virus ®
615a9c.35c4: ProductVersion: 1.0.0.12
616a9c.35c4: FileVersion: 1.0.0.12
617a9c.35c4: FileDescription: Filtering Platform Helper Class
618a9c.35c4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox'
619a9c.35c4: Calling main()
620a9c.35c4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
621a9c.35c4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox'
622a9c.35c4: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
623a9c.35c4: '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
624a9c.35c4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
625a9c.35c4: SUPR3HardenedMain: Respawn #2
626a9c.35c4: supR3HardNtEnableThreadCreationEx:
627a9c.35c4: supR3HardenedDllNotificationCallback: load 00007ffccff40000 LB 0x00125000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
628a9c.35c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll)
629a9c.35c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll
630a9c.35c4: supR3HardenedDllNotificationCallback: load 00007ffcd05a0000 LB 0x0009c000 C:\Windows\System32\sechost.dll [fFlags=0x0]
631a9c.35c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
632a9c.35c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\sechost.dll)
633a9c.35c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\sechost.dll
634a9c.35c4: '\Device\HarddiskVolume15\Windows\System32\ntdll.dll' has no imports
635a9c.35c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\ntdll.dll)
636a9c.35c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\ntdll.dll
637a9c.35c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
638a9c.35c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
639a9c.35c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
640a9c.35c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
641a9c.35c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd1f10000 'C:\Windows\System32\ntdll.dll'
642a9c.35c4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffcd1f84b00 pvNtTerminateThread=00007ffcd1fad790
643a9c.35c4: supR3HardenedWinDoReSpawn(2): New child a34.2aa0 [kernel32].
644a9c.35c4: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
645a9c.35c4: supR3HardNtChildGatherData: PebBaseAddress=0000000000283000 cbPeb=0x388
646a9c.35c4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffcd1f10000 uNtDllChildAddr=00007ffcd1f10000
647a9c.35c4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffcd1f84b00
648a9c.35c4: supR3HardenedWinSetupChildInit: Initial context:
649 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff607f27900 rdx=0000000000283000
650 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
651 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
652 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
653 rip=00007ffcd1f62630 rsp=000000000051fe38 rbp=0000000000000000 ctxflags=0010001b
654 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
655 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
656 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
657 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
658 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
659a9c.35c4: kernel32.dll: timestamp 0x89f7051c (rc=VINF_SUCCESS)
660a9c.35c4: supR3HardenedWinSetupChildInit: Start child.
661a9c.35c4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 1 ms.
662a9c.35c4: supR3HardNtChildPurify: Startup delay kludge #1/0: 526 ms, 34 sleeps
663a9c.35c4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
664a9c.35c4: *0000000000000000-00000000001cffff 0x0001/0x0000 0x0000000
665a9c.35c4: *00000000001d0000-00000000001effff 0x0004/0x0004 0x0020000
666a9c.35c4: *00000000001f0000-00000000001f3fff 0x0002/0x0002 0x0040000
667a9c.35c4: 00000000001f4000-00000000001fffff 0x0001/0x0000 0x0000000
668a9c.35c4: *0000000000200000-0000000000282fff 0x0000/0x0004 0x0020000
669a9c.35c4: 0000000000283000-0000000000285fff 0x0004/0x0004 0x0020000
670a9c.35c4: 0000000000286000-00000000003fffff 0x0000/0x0004 0x0020000
671a9c.35c4: *0000000000400000-000000000041cfff 0x0002/0x0002 0x0040000
672a9c.35c4: 000000000041d000-000000000041ffff 0x0001/0x0000 0x0000000
673a9c.35c4: *0000000000420000-000000000051afff 0x0000/0x0004 0x0020000
674a9c.35c4: 000000000051b000-000000000051dfff 0x0104/0x0004 0x0020000
675a9c.35c4: 000000000051e000-000000000051ffff 0x0004/0x0004 0x0020000
676a9c.35c4: *0000000000520000-0000000000521fff 0x0004/0x0004 0x0020000
677a9c.35c4: 0000000000522000-000000007ffdffff 0x0001/0x0000 0x0000000
678a9c.35c4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
679a9c.35c4: 000000007ffe1000-000000007ffe8fff 0x0001/0x0000 0x0000000
680a9c.35c4: *000000007ffe9000-000000007ffe9fff 0x0002/0x0002 0x0020000
681a9c.35c4: 000000007ffea000-00007ff57888ffff 0x0001/0x0000 0x0000000
682a9c.35c4: *00007ff578890000-00007ff578890fff 0x0002/0x0002 0x0040000
683a9c.35c4: 00007ff578891000-00007ff57889ffff 0x0001/0x0000 0x0000000
684a9c.35c4: *00007ff5788a0000-00007ff5788c2fff 0x0002/0x0002 0x0040000
685a9c.35c4: 00007ff5788c3000-00007ff607f1ffff 0x0001/0x0000 0x0000000
686a9c.35c4: *00007ff607f20000-00007ff607f20fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
687a9c.35c4: 00007ff607f21000-00007ff607f97fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
688a9c.35c4: 00007ff607f98000-00007ff607f98fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
689a9c.35c4: 00007ff607f99000-00007ff607fe1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
690a9c.35c4: 00007ff607fe2000-00007ff607fe2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
691a9c.35c4: 00007ff607fe3000-00007ff607fe3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
692a9c.35c4: 00007ff607fe4000-00007ff607fe8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
693a9c.35c4: 00007ff607fe9000-00007ff607fe9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
694a9c.35c4: 00007ff607fea000-00007ff607feafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
695a9c.35c4: 00007ff607feb000-00007ff607feefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
696a9c.35c4: 00007ff607fef000-00007ff608037fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
697a9c.35c4: 00007ff608038000-00007ffcd1f0ffff 0x0001/0x0000 0x0000000
698a9c.35c4: *00007ffcd1f10000-00007ffcd1f10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
699a9c.35c4: 00007ffcd1f11000-00007ffcd202bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
700a9c.35c4: 00007ffcd202c000-00007ffcd2074fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
701a9c.35c4: 00007ffcd2075000-00007ffcd2080fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
702a9c.35c4: 00007ffcd2081000-00007ffcd208ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
703a9c.35c4: 00007ffcd2090000-00007ffcd2090fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
704a9c.35c4: 00007ffcd2091000-00007ffcd2093fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
705a9c.35c4: 00007ffcd2094000-00007ffcd2106fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume15\Windows\System32\ntdll.dll
706a9c.35c4: 00007ffcd2107000-00007ffffffeffff 0x0001/0x0000 0x0000000
707a9c.35c4: VirtualBoxVM.exe: timestamp 0x61e55350 (rc=VINF_SUCCESS)
708a9c.35c4: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
709a9c.35c4: '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
710a9c.35c4: '\Device\HarddiskVolume15\Windows\System32\ntdll.dll' has no imports
711a9c.35c4: supR3HardNtChildPurify: Done after 560 ms and 0 fixes (loop #0).
712a9c.35c4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000860000 LB 0x400000)
713a34.2aa0: Log file opened: 6.1.32r149290 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6400
714a34.2aa0: supR3HardenedVmProcessInit: uNtDllAddr=00007ffcd1f10000 g_uNtVerCombined=0xa04a6400 (stack ~000000000051f8c8)
715a9c.35c4: supR3HardNtEnableThreadCreationEx:
716a34.2aa0: ntdll.dll: timestamp 0x77755782 (rc=VINF_SUCCESS)
717a34.2aa0: New simple heap: #1 0000000000630000 LB 0x400000 (for 2060288 allocation)
718a34.2aa0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox'
719a34.2aa0: System32: \Device\HarddiskVolume15\Windows\System32
720a34.2aa0: WinSxS: \Device\HarddiskVolume15\Windows\WinSxS
721a34.2aa0: KnownDllPath: C:\Windows\System32
722a34.2aa0: supR3HardenedVmProcessInit: Opening vboxdrv...
723a34.2aa0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
724a34.2aa0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
725a34.2aa0: Registered Dll notification callback with NTDLL.
726a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\kernel32.dll)
727a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\kernel32.dll
728a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
729a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccf940000 LB 0x002cd000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
730a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\KernelBase.dll)
731a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\KernelBase.dll
732a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd1300000 LB 0x000bd000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
733a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
734a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd1300000 'C:\Windows\System32\KERNEL32.DLL'
735a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ff607f20000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
736a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
737a34.2aa0: '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
738a34.2aa0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
739a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
740a34.2aa0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffcd1f84b00 pvNtTerminateThread=00007ffcd1fad790
741a9c.35c4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 91 ms.
742a34.2aa0: \SystemRoot\System32\ntdll.dll:
743a34.2aa0: CreationTime: 2022-06-15T07:12:45.995641500Z
744a34.2aa0: LastWriteTime: 2022-06-15T07:12:46.028826300Z
745a34.2aa0: ChangeTime: 2022-06-15T07:20:32.304675400Z
746a34.2aa0: FileAttributes: 0x20
747a34.2aa0: Size: 0x1eef70
748a34.2aa0: NT Headers: 0xe8
749a34.2aa0: Timestamp: 0x77755782
750a34.2aa0: Machine: 0x8664 - amd64
751a34.2aa0: Timestamp: 0x77755782
752a34.2aa0: Image Version: 10.0
753a34.2aa0: SizeOfImage: 0x1f7000 (2060288)
754a34.2aa0: Resource Dir: 0x185000 LB 0x700a0
755a34.2aa0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
756a34.2aa0: [Raw version resource data: 0x1850f0 LB 0x380, codepage 0x0 (reserved 0x0)]
757a34.2aa0: ProductName: Microsoft® Windows® Operating System
758a34.2aa0: ProductVersion: 10.0.19041.1741
759a34.2aa0: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
760a34.2aa0: FileDescription: NT Layer DLL
761a34.2aa0: \SystemRoot\System32\kernel32.dll:
762a34.2aa0: CreationTime: 2022-06-15T07:12:51.122564000Z
763a34.2aa0: LastWriteTime: 2022-06-15T07:12:51.135251000Z
764a34.2aa0: ChangeTime: 2022-06-15T07:20:32.326795500Z
765a34.2aa0: FileAttributes: 0x20
766a34.2aa0: Size: 0xbb038
767a34.2aa0: NT Headers: 0xe8
768a34.2aa0: Timestamp: 0x89f7051c
769a34.2aa0: Machine: 0x8664 - amd64
770a34.2aa0: Timestamp: 0x89f7051c
771a34.2aa0: Image Version: 10.0
772a34.2aa0: SizeOfImage: 0xbd000 (774144)
773a34.2aa0: Resource Dir: 0xbb000 LB 0x520
774a34.2aa0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
775a34.2aa0: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
776a34.2aa0: ProductName: Microsoft® Windows® Operating System
777a34.2aa0: ProductVersion: 10.0.19041.1741
778a34.2aa0: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
779a34.2aa0: FileDescription: Windows NT BASE API Client DLL
780a34.2aa0: \SystemRoot\System32\KernelBase.dll:
781a34.2aa0: CreationTime: 2022-06-15T07:12:46.608569600Z
782a34.2aa0: LastWriteTime: 2022-06-15T07:12:46.662249700Z
783a34.2aa0: ChangeTime: 2022-06-15T07:20:32.358064100Z
784a34.2aa0: FileAttributes: 0x20
785a34.2aa0: Size: 0x2cf630
786a34.2aa0: NT Headers: 0xf0
787a34.2aa0: Timestamp: 0xe9b4a91b
788a34.2aa0: Machine: 0x8664 - amd64
789a34.2aa0: Timestamp: 0xe9b4a91b
790a34.2aa0: Image Version: 10.0
791a34.2aa0: SizeOfImage: 0x2cd000 (2936832)
792a34.2aa0: Resource Dir: 0x2a4000 LB 0x548
793a34.2aa0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
794a34.2aa0: [Raw version resource data: 0x2a40b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
795a34.2aa0: ProductName: Microsoft® Windows® Operating System
796a34.2aa0: ProductVersion: 10.0.19041.1741
797a34.2aa0: FileVersion: 10.0.19041.1741 (WinBuild.160101.0800)
798a34.2aa0: FileDescription: Windows NT BASE API Client DLL
799a34.2aa0: \SystemRoot\System32\apisetschema.dll:
800a34.2aa0: CreationTime: 2019-12-07T09:08:13.518339400Z
801a34.2aa0: LastWriteTime: 2019-12-07T09:08:13.518339400Z
802a34.2aa0: ChangeTime: 2022-06-15T07:13:24.525143600Z
803a34.2aa0: FileAttributes: 0x20
804a34.2aa0: Size: 0x1f538
805a34.2aa0: NT Headers: 0xd0
806a34.2aa0: Timestamp: 0x31288ce0
807a34.2aa0: Machine: 0x8664 - amd64
808a34.2aa0: Timestamp: 0x31288ce0
809a34.2aa0: Image Version: 10.0
810a34.2aa0: SizeOfImage: 0x20000 (131072)
811a34.2aa0: Resource Dir: 0x1f000 LB 0x408
812a34.2aa0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
813a34.2aa0: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
814a34.2aa0: ProductName: Microsoft® Windows® Operating System
815a34.2aa0: ProductVersion: 10.0.19041.1
816a34.2aa0: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
817a34.2aa0: FileDescription: ApiSet Schema DLL
818a34.2aa0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
819a34.2aa0: supR3HardenedWinFindAdversaries: 0x40
820a34.2aa0: \SystemRoot\System32\drivers\klflt.sys:
821a34.2aa0: CreationTime: 2021-05-13T10:49:42.912590000Z
822a34.2aa0: LastWriteTime: 2022-02-15T09:41:57.093380000Z
823a34.2aa0: ChangeTime: 2022-04-06T07:44:42.722035000Z
824a34.2aa0: FileAttributes: 0x20
825a34.2aa0: Size: 0x7f908
826a34.2aa0: NT Headers: 0x108
827a34.2aa0: Timestamp: 0x61be09cc
828a34.2aa0: Machine: 0x8664 - amd64
829a34.2aa0: Timestamp: 0x61be09cc
830a34.2aa0: Image Version: 10.0
831a34.2aa0: SizeOfImage: 0x8e000 (581632)
832a34.2aa0: Resource Dir: 0x8b000 LB 0x438
833a34.2aa0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
834a34.2aa0: [Raw version resource data: 0x8b060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
835a34.2aa0: ProductName: Coretech Delivery
836a34.2aa0: ProductVersion: 30.587.0.2440-ea8cc99253
837a34.2aa0: FileVersion: 30.587.0.2440
838a34.2aa0: FileDescription: Filter Core [fre_win7_x64]
839a34.2aa0: \SystemRoot\System32\drivers\klif.sys:
840a34.2aa0: CreationTime: 2021-05-13T10:49:42.919571600Z
841a34.2aa0: LastWriteTime: 2022-02-15T09:41:58.183235000Z
842a34.2aa0: ChangeTime: 2022-04-06T07:44:42.708074300Z
843a34.2aa0: FileAttributes: 0x20
844a34.2aa0: Size: 0x100508
845a34.2aa0: NT Headers: 0xf0
846a34.2aa0: Timestamp: 0x61be09ec
847a34.2aa0: Machine: 0x8664 - amd64
848a34.2aa0: Timestamp: 0x61be09ec
849a34.2aa0: Image Version: 10.0
850a34.2aa0: SizeOfImage: 0x104000 (1064960)
851a34.2aa0: Resource Dir: 0xf7000 LB 0x6270
852a34.2aa0: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
853a34.2aa0: [Raw version resource data: 0xfce80 LB 0x3ec, codepage 0x0 (reserved 0x0)]
854a34.2aa0: ProductName: Coretech Delivery
855a34.2aa0: ProductVersion: 30.587.0.2440-ea8cc99253
856a34.2aa0: FileVersion: 30.587.0.2440
857a34.2aa0: FileDescription: Core System Interceptors [fre_win7_x64]
858a34.2aa0: \SystemRoot\System32\drivers\klim6.sys:
859a34.2aa0: CreationTime: 2021-02-19T19:08:56.000000000Z
860a34.2aa0: LastWriteTime: 2022-02-15T09:42:00.017038300Z
861a34.2aa0: ChangeTime: 2022-04-06T07:44:43.601153500Z
862a34.2aa0: FileAttributes: 0x20
863a34.2aa0: Size: 0x16310
864a34.2aa0: NT Headers: 0xe8
865a34.2aa0: Timestamp: 0xbec546be
866a34.2aa0: Machine: 0x8664 - amd64
867a34.2aa0: Timestamp: 0xbec546be
868a34.2aa0: Image Version: 10.0
869a34.2aa0: SizeOfImage: 0x16000 (90112)
870a34.2aa0: Resource Dir: 0x14000 LB 0x448
871a34.2aa0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
872a34.2aa0: [Raw version resource data: 0x14060 LB 0x3e8, codepage 0x0 (reserved 0x0)]
873a34.2aa0: ProductName: Coretech Delivery
874a34.2aa0: ProductVersion: 30.587.0.2440-ea8cc99253
875a34.2aa0: FileVersion: 30.587.0.2440
876a34.2aa0: FileDescription: Packet Network Filter [fre_win7_x64]
877a34.2aa0: \SystemRoot\System32\drivers\klkbdflt.sys:
878a34.2aa0: CreationTime: 2021-02-19T19:08:58.000000000Z
879a34.2aa0: LastWriteTime: 2022-02-15T09:42:00.724728600Z
880a34.2aa0: ChangeTime: 2022-04-06T07:44:48.598403500Z
881a34.2aa0: FileAttributes: 0x20
882a34.2aa0: Size: 0x19918
883a34.2aa0: NT Headers: 0xe0
884a34.2aa0: Timestamp: 0x61be09be
885a34.2aa0: Machine: 0x8664 - amd64
886a34.2aa0: Timestamp: 0x61be09be
887a34.2aa0: Image Version: 10.0
888a34.2aa0: SizeOfImage: 0x19000 (102400)
889a34.2aa0: Resource Dir: 0x17000 LB 0x450
890a34.2aa0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
891a34.2aa0: [Raw version resource data: 0x17060 LB 0x3f0, codepage 0x0 (reserved 0x0)]
892a34.2aa0: ProductName: Coretech Delivery
893a34.2aa0: ProductVersion: 30.587.0.2440-ea8cc99253
894a34.2aa0: FileVersion: 30.587.0.2440
895a34.2aa0: FileDescription: Keyboard Device Filter [fre_win7_x64]
896a34.2aa0: \SystemRoot\System32\drivers\klmouflt.sys:
897a34.2aa0: CreationTime: 2021-02-19T19:08:58.000000000Z
898a34.2aa0: LastWriteTime: 2022-02-15T09:42:01.438880200Z
899a34.2aa0: ChangeTime: 2022-04-06T07:44:48.730080200Z
900a34.2aa0: FileAttributes: 0x20
901a34.2aa0: Size: 0x1a340
902a34.2aa0: NT Headers: 0xe0
903a34.2aa0: Timestamp: 0x61be09c0
904a34.2aa0: Machine: 0x8664 - amd64
905a34.2aa0: Timestamp: 0x61be09c0
906a34.2aa0: Image Version: 10.0
907a34.2aa0: SizeOfImage: 0x1a000 (106496)
908a34.2aa0: Resource Dir: 0x18000 LB 0x450
909a34.2aa0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
910a34.2aa0: [Raw version resource data: 0x18060 LB 0x3ec, codepage 0x0 (reserved 0x0)]
911a34.2aa0: ProductName: Coretech Delivery
912a34.2aa0: ProductVersion: 30.587.0.2440-ea8cc99253
913a34.2aa0: FileVersion: 30.587.0.2440
914a34.2aa0: FileDescription: Mouse Device Filter [fre_win7_x64]
915a34.2aa0: \SystemRoot\System32\drivers\kneps.sys:
916a34.2aa0: CreationTime: 2021-02-19T19:09:02.000000000Z
917a34.2aa0: LastWriteTime: 2022-02-15T09:42:07.821905000Z
918a34.2aa0: ChangeTime: 2022-04-06T07:44:47.931125100Z
919a34.2aa0: FileAttributes: 0x20
920a34.2aa0: Size: 0x47f18
921a34.2aa0: NT Headers: 0xf8
922a34.2aa0: Timestamp: 0xa54ea334
923a34.2aa0: Machine: 0x8664 - amd64
924a34.2aa0: Timestamp: 0xa54ea334
925a34.2aa0: Image Version: 10.0
926a34.2aa0: SizeOfImage: 0x49000 (299008)
927a34.2aa0: Resource Dir: 0x46000 LB 0x440
928a34.2aa0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
929a34.2aa0: [Raw version resource data: 0x46060 LB 0x3e0, codepage 0x0 (reserved 0x0)]
930a34.2aa0: ProductName: Coretech Delivery
931a34.2aa0: ProductVersion: 30.587.0.2590-43f0624237
932a34.2aa0: FileVersion: 30.587.0.2590
933a34.2aa0: FileDescription: Network Processor [fre_win7_x64]
934a34.2aa0: \SystemRoot\System32\klfphc.dll:
935a34.2aa0: CreationTime: 2021-05-13T10:49:52.484156200Z
936a34.2aa0: LastWriteTime: 2021-02-19T19:09:00.000000000Z
937a34.2aa0: ChangeTime: 2021-05-13T10:49:44.939306600Z
938a34.2aa0: FileAttributes: 0x20
939a34.2aa0: Size: 0x1ae60
940a34.2aa0: NT Headers: 0xe8
941a34.2aa0: Timestamp: 0x51873bf2
942a34.2aa0: Machine: 0x8664 - amd64
943a34.2aa0: Timestamp: 0x51873bf2
944a34.2aa0: Image Version: 0.0
945a34.2aa0: SizeOfImage: 0x1d000 (118784)
946a34.2aa0: Resource Dir: 0x18000 LB 0x3c80
947a34.2aa0: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
948a34.2aa0: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
949a34.2aa0: ProductName: Kaspersky™ Anti-Virus ®
950a34.2aa0: ProductVersion: 1.0.0.12
951a34.2aa0: FileVersion: 1.0.0.12
952a34.2aa0: FileDescription: Filtering Platform Helper Class
953a34.2aa0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox'
954a34.2aa0: Calling main()
955a34.2aa0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
956a34.2aa0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox'
957a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
958a34.2aa0: '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
959a34.2aa0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
960a34.2aa0: SUPR3HardenedMain: Final process, opening VBoxDrv...
961a34.2aa0: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000630000 LB 0x400000)
962a34.2aa0: supR3HardNtEnableThreadCreationEx:
963a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSupLib.dll: Signature #1/2: info status: 24202
964a34.2aa0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
965a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
966a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
967a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
968a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc9fe0000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
969a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
970a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
971a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
972a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc9fe0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
973a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
974a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
975a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc9fe0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
976a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc9fe0000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
977a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
978a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
979a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\wintrust.dll)
980a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\wintrust.dll
981a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
982a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
983a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll)
984a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll
985a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
986a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
987a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\msvcrt.dll)
988a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\msvcrt.dll
989a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
990a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd1680000 LB 0x0009e000 C:\Windows\System32\msvcrt.dll [fFlags=0x0]
991a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
992a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccff40000 LB 0x00125000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
993a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
994a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccfc60000 LB 0x00067000 C:\Windows\System32\Wintrust.dll [fFlags=0x0]
995a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
996a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccf6e0000 LB 0x00100000 C:\Windows\System32\ucrtbase.dll [fFlags=0x0]
997a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\ucrtbase.dll)
998a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\ucrtbase.dll
999a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccf7e0000 LB 0x00156000 C:\Windows\System32\CRYPT32.dll [fFlags=0x0]
1000a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\crypt32.dll)
1001a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\crypt32.dll
1002a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
1003a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1004a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-synch-l1-2-0'
1005a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
1006a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1007a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-fibers-l1-1-1'
1008a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
1009a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1010a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-fibers-l1-1-1'
1011a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
1012a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1013a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-synch-l1-2-0'
1014a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
1015a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1016a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-localization-l1-2-1'
1017a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\msasn1.dll)
1018a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\msasn1.dll
1019a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccf1f0000 LB 0x00012000 C:\Windows\SYSTEM32\MSASN1.dll [fFlags=0x0]
1020a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1021a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccfc60000 'C:\Windows\system32\Wintrust.dll'
1022a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\bcrypt.dll)
1023a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\bcrypt.dll
1024a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1025a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccf6b0000 LB 0x00027000 C:\Windows\System32\bcrypt.dll [fFlags=0x0]
1026a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1027a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf6b0000 'C:\Windows\system32\bcrypt.dll'
1028a34.2aa0: bcrypt.dll loaded at 00007ffccf6b0000, BCryptOpenAlgorithmProvider at 00007ffccf6b51e0, preloading providers:
1029a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\bcryptprimitives.dll)
1030a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\bcryptprimitives.dll
1031a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1032a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccfeb0000 LB 0x00082000 C:\Windows\System32\bcryptprimitives.dll [fFlags=0x0]
1033a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1034a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccfeb0000 'C:\Windows\system32\bcryptprimitives.dll'
1035a34.2aa0: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000bf0520)
1036a34.2aa0: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000bf0ba0)
1037a34.2aa0: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000bf0ec0)
1038a34.2aa0: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000bf11e0)
1039a34.2aa0: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000bf1500)
1040a34.2aa0: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000bf1820)
1041a34.2aa0: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000bf1b40)
1042a34.2aa0: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000bf1e60)
1043a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\cryptsp.dll)
1044a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\cryptsp.dll
1045a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccefb0000 LB 0x00018000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
1046a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
1047a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
1048a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\rsaenh.dll)
1049a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\rsaenh.dll
1050a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
1051a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume15\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
1052a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1053a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1054a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1055a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcce5c0000 LB 0x00034000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
1056a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1057a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1058a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\cryptbase.dll)
1059a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\cryptbase.dll
1060a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccefd0000 LB 0x0000c000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
1061a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
1062a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1063a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1064a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd1300000 'C:\Windows\System32\kernel32.dll'
1065a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1066a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1067a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccfc60000 'C:\Windows\System32\WINTRUST.DLL'
1068a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1069a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1070a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\CRYPT32.dll'
1071a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd17a0000 LB 0x0001d000 C:\Windows\System32\imagehlp.dll [fFlags=0x0]
1072a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\imagehlp.dll)
1073a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\imagehlp.dll
1074a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1075a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1076a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1077a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd05a0000 LB 0x0009c000 C:\Windows\System32\sechost.dll [fFlags=0x0]
1078a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
1079a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\sechost.dll)
1080a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\sechost.dll
1081a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1082a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1083a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\gpapi.dll)
1084a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\gpapi.dll
1085a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccddc0000 LB 0x00023000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
1086a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1087a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\profapi.dll)
1088a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\profapi.dll
1089a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccf540000 LB 0x0001f000 C:\Windows\SYSTEM32\profapi.dll [fFlags=0x0]
1090a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1091a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1092a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
1093a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\cryptnet.dll)
1094a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\cryptnet.dll
1095a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1096a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume15\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1097a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1098a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1099a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1100a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1101a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1102a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1103a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1104a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1105a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1106a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1107a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1108a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1109a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1110a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1111a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1112a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc73e0000 LB 0x00031000 C:\Windows\System32\cryptnet.dll [fFlags=0x0]
1113a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1114a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1115a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1116a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1117a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1118a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1119a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1120a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1121a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1122a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1123a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1124a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1125a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1126a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1127a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1128a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1129a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1131a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1132a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1133a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1134a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1135a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1136a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1137a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1138a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1139a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1140a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1141a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1142a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1143a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1144a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc73e0000 'C:\Windows\System32\cryptnet.dll'
1145a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd0130000 LB 0x000ae000 C:\Windows\System32\advapi32.dll [fFlags=0x0]
1146a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1147a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
1148a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
1149a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\advapi32.dll)
1150a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\advapi32.dll
1151a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1152a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1153a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1154a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1155a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
1156a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume15\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
1157a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\sechost.dll [lacks WinVerifyTrust]
1158a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1159a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1160a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1161a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1162a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1163a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1164a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1165a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1166a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1167a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000c02e30
1168a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
1169a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=93B46DD692F12EFD67222B2C68D978387A5A0747
1170a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1171a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1172a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccff40000 'C:\Windows\System32\rpcrt4.dll'
1173a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1174a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1175a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1176a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1177a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1178a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1179a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0516~31bf3856ad364e35~amd64~~10.0.19041.1766.cat'; file='\SystemRoot\System32\ntdll.dll'
1180a34.2aa0: g_pfnWinVerifyTrust=00007ffccfc61ea0
1181a34.2aa0: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1182a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1183a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1184a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1185a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1186a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1187a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1188a34.2aa0: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\crypt32.dll'
1189a34.2aa0: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1190a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1191a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1192a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1193a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll
1194a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1195a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1196a34.2aa0: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\wintrust.dll'
1197a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1198a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1199a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1200a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll
1201a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1202a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1203a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\advapi32.dll'
1204a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1205a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1206a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1207a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\cryptnet.dll'
1208a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1209a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1210a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1211a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\profapi.dll'
1212a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1213a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1214a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1215a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\gpapi.dll'
1216a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1217a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1218a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1219a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\sechost.dll'
1220a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1221a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1222a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1223a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\imagehlp.dll'
1224a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1225a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1226a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1227a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\cryptbase.dll'
1228a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1229a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1230a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1231a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\rsaenh.dll'
1232a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll
1233a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1234a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1235a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll
1236a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1237a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1238a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\cryptsp.dll'
1239a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1240a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1241a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\bcryptprimitives.dll'
1242a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1243a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1244a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\bcrypt.dll'
1245a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1246a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1247a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\msasn1.dll'
1248a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1249a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1250a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\ucrtbase.dll'
1251a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1252a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1253a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll'
1254a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1255a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1256a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll'
1257a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1258a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1259a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1260a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
1261a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1262a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1263a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\KernelBase.dll'
1264a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1265a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1266a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\kernel32.dll'
1267a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\system32\crypt32.dll'
1268a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x863673804617c900 O=AO Kaspersky Lab, CN=Kaspersky Anti-Virus Personal Root Certificate
1269a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1270a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1271a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xb33984a7a5a8ce00 C=US, ST=California, L=Irvine, O=Blizzard Entertainment, OU=Battle.net, CN=Blizzard Battle.net Local Cert
1272a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1273a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xe590c1ccad2fd000 CN=Microsoft Intune Root Certification Authority
1274a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
1275a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1276a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1277a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1278a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
1279a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1280a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1281a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1282a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
1283a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1284a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x50bb81640c01cb00 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
1285a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
1286a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
1287a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4
1288a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1289a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1290a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1291a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1292a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
1293a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xc6536f24d57ae723 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
1294a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x9403a4b8727eb000 C=TW, O=TAIWAN-CA, OU=Root CA, CN=TWCA Root Certification Authority
1295a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
1296a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
1297a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1298a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1299a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1300a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1301a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1302a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1303a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x363f522f28e7d900 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root G2
1304a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x3178d37f87f1c400 C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2
1305a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1306a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1307a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1308a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1309a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x4b24f9897ec7e300 C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden EV Root CA
1310a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1311a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1312a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1313a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xdb2cd5c20d0aaf00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 1999 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 2 Public Primary Certification Authority - G3
1314a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1315a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
1316a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
1317a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1318a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1319a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1320a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1321a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
1322a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1323a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
1324a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1325a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
1326a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
1327a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1328a34.2aa0: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1329a34.2aa0: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=61
1330a34.2aa0: SUPR3HardenedMain: Load Runtime...
1331a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
1332a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1333a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1334a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1335a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1336a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1337a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1338a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1339a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1340a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1341a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1342a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1343a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1344a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\ws2_32.dll) WinVerifyTrust
1345a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\ws2_32.dll
1346a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1347a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1348a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll
1349a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1350a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1351a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
1352a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1353a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1354a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll
1355a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1356a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1357a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1358a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
1359a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1360a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1361a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
1362a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1363a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1364a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
1365a34.2aa0: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1366a34.2aa0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll)
1367a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll
1368a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1369a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1370a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1371a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1372a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1373a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
1374a34.2aa0: supR3HardenedDllNotificationCallback: load 000000006f4f0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1375a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1376a34.2aa0: supR3HardenedDllNotificationCallback: load 000000006f450000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1377a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
1378a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd09a0000 LB 0x0006b000 C:\Windows\System32\WS2_32.dll [fFlags=0x0]
1379a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ws2_32.dll
1380a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffc48410000 LB 0x005eb000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1381a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1382a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1383a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1384a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1385a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1386a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1387a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1388a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1389a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1390a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1391a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1392a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1393a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1394a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1395a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1396a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1397a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1398a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1399a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1400a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1401a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1402a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1403a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1404a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1405a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1406a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1407a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1408a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1409a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1410a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1411a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1412a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1413a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1414a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1415a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1416a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1417a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1418a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1419a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1420a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1421a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1422a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1423a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1424a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1425a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1426a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1427a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1428a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1429a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1430a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1431a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1432a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1433a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1434a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1435a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1436a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1437a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1438a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1439a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1440a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1441a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1442a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1443a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1444a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1445a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1446a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1447a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1448a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1449a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1450a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1451a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1452a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1453a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1454a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1455a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1456a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1457a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1458a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1459a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1460a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1461a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1462a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1463a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1464a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1465a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1466a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1467a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1468a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1469a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1470a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1471a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1472a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1473a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1474a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1475a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1476a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1477a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1478a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1479a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1480a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1481a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1482a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1483a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1484a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1485a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1486a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1487a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1488a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1489a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1490a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1491a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1492a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1493a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1494a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1495a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1496a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1497a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1498a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1499a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1500a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1501a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1502a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1503a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1504a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1505a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1506a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1507a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1508a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1509a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1510a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1511a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1512a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1513a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1514a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1515a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1516a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1517a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1518a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1519a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1520a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1521a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1522a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1523a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1524a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1525a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1526a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1527a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1528a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1529a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1530a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1531a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1532a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1533a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1534a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1535a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1536a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1537a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1538a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1539a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1540a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1541a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1542a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1543a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxRT.dll
1544a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1545a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1546a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1547a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1548a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1549a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1550a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1551a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1552a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1553a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1554a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1555a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1556a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1557a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1558a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc48410000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1559a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1560a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll'
1561a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wintrust.dll
1562a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1563a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccfc60000 'C:\Windows\system32\Wintrust.dll'
1564a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll
1565a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1566a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1567a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1568a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1569a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1570a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\system32\crypt32.dll'
1571a34.2aa0: SUPR3HardenedMain: Load TrustedMain...
1572a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
1573a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1574a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1575a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1576a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1577a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1578a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1579a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1580a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1581a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1582a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1583a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1584a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1585a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1586a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1587a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1588a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1589a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1590a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume15\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1591a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1592a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1593a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1594a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\winmm.dll) WinVerifyTrust
1595a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\winmm.dll
1596a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1597a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1598a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1599a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1600a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll
1601a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1602a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1603a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1604a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
1605a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
1606a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\oleaut32.dll) WinVerifyTrust
1607a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
1608a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1609a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1610a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1611a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1612a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll
1613a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1614a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1615a34.2aa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
1616a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1617a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\combase.dll)
1618a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\combase.dll
1619a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1620a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1621a34.2aa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
1622a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll)
1623a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll
1624a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1625a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1626a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1627a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll
1628a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1629a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1630a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
1631a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #49 'gdi32.dll'.
1632a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'user32.dll'.
1633a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'.
1634a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\ole32.dll) WinVerifyTrust
1635a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\ole32.dll
1636a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1637a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1638a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1639a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1640a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\combase.dll [lacks WinVerifyTrust]
1641a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1642a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1643a34.2aa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
1644a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1645a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
1646a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\user32.dll)
1647a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\user32.dll
1648a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1649a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1650a34.2aa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
1651a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
1652a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\gdi32.dll)
1653a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\gdi32.dll
1654a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1655a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1656a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1657a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1658a34.2aa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
1659a34.2aa0: '\Device\HarddiskVolume15\Windows\System32\win32u.dll' has no imports
1660a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\win32u.dll)
1661a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\win32u.dll
1662a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1663a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1664a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1665a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1666a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1667a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1668a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1669a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1670a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1671a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
1672a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\user32.dll) WinVerifyTrust
1673a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1674a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1675a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
1676a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1677a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1678a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1679a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1680a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1681a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1682a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1683a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1684a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1685a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1686a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1687a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1688a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1689a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1690a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1691a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
1692a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1693a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1694a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll
1695a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1696a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1697a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
1698a34.2aa0: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
1699a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1700a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1701a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1702a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1703a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1704a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1705a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1706a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1707a34.2aa0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
1708a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1709a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1710a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1711a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
1712a34.2aa0: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
1713a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1714a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1715a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1716a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1717a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1718a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1719a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1720a34.2aa0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
1721a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1722a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1723a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1724a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
1725a34.2aa0: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1726a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1727a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1728a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1729a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1730a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1731a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1732a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1733a34.2aa0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
1734a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1735a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1736a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1737a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll
1738a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1739a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1740a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
1741a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1742a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1743a34.2aa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
1744a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1745a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #72 'user32.dll'.
1746a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #74 'gdi32.dll'.
1747a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\shell32.dll)
1748a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\shell32.dll
1749a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1750a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1751a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1752a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1753a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1754a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1755a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1756a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1757a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [lacks WinVerifyTrust]
1758a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1759a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1760a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1761a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1762a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1763a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll
1764a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1765a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1766a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
1767a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1768a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1769a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1770a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1771a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1772a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [lacks WinVerifyTrust]
1773a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1774a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1775a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1776a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1777a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume15\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1778a34.2aa0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\opengl32.dll'.
1779a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1780a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1781a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1782a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
1783a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'glu32.dll'.
1784a34.2aa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume15\Windows\System32\opengl32.dll)
1785a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\opengl32.dll
1786a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1787a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1788a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ole32.dll
1789a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1790a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1791a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll
1792a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1793a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1794a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
1795a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1796a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1797a34.2aa0: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
1798a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\mpr.dll)
1799a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\mpr.dll
1800a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1801a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1802a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ws2_32.dll
1803a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1804a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1805a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\advapi32.dll
1806a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1807a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1808a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ole32.dll
1809a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1810a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1811a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1812a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1813a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1814a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [lacks WinVerifyTrust]
1815a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1816a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1817a34.2aa0: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
1818a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1819a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1820a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
1821a34.2aa0: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume15\Windows\System32\glu32.dll)
1822a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\glu32.dll
1823a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1824a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1825a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1826a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1827a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1828a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [lacks WinVerifyTrust]
1829a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1830a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1831a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\advapi32.dll
1832a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1833a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1834a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll
1835a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1836a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1837a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1838a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1839a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1840a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [lacks WinVerifyTrust]
1841a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1842a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1843a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
1844a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1845a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume15\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1846a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume15\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1847a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1848a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1849a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [lacks WinVerifyTrust]
1850a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1851a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1852a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll
1853a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1854a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1855a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1856a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1857a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1858a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1859a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1860a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1861a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1862a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1863a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1864a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
1865a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1866a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1867a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll
1868a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1869a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1870a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
1871a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1872a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1873a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1874a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1875a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1876a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1877a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1878a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1879a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1880a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1881a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1882a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [lacks WinVerifyTrust]
1883a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1884a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1885a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1886a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1887a34.2aa0: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
1888a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1889a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1890a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
1891a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1892a34.2aa0: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
1893a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1894a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1895a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll
1896a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1897a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1898a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
1899a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1900a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1901a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1902a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1903a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
1904a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1905a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1906a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1907a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1908a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1909a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1910a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1911a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1912a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1913a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1914a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1915a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
1916a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\UICommon.dll
1917a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1918a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume15\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1919a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume15\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1920a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000558 pwszName=\Device\HarddiskVolume15\Windows\System32\opengl32.dll
1921a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
1922a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
1923a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=7D1B8270E1506FBF7E7AAC33EF5032969F62E778
1924a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1925a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1926a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1927a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1928a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
1929a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1930a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1931a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ole32.dll
1932a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1933a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1934a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\advapi32.dll
1935a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1936a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1937a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [lacks WinVerifyTrust]
1938a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1939a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1940a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
1941a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1942a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1943a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1944a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1945a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1946a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1947a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1948a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1949a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1950a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1951a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
1952a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
1953a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0312~31bf3856ad364e35~amd64~~10.0.19041.1766.cat'; file='\Device\HarddiskVolume15\Windows\System32\opengl32.dll'
1954a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1955a34.2aa0: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\opengl32.dll'
1956a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1957a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1958a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\opengl32.dll
1959a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\UICommon.dll
1960a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1961a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1962a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1963a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1964a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\winmm.dll
1965a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume15\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1966a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1967a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccfcd0000 LB 0x00022000 C:\Windows\System32\win32u.dll [fFlags=0x0]
1968a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
1969a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccfd00000 LB 0x0009d000 C:\Windows\System32\msvcp_win.dll [fFlags=0x0]
1970a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
1971a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccfda0000 LB 0x0010b000 C:\Windows\System32\gdi32full.dll [fFlags=0x0]
1972a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1973a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
1974a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
1975a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
1976a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\gdi32full.dll)
1977a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\gdi32full.dll
1978a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd0570000 LB 0x0002a000 C:\Windows\System32\GDI32.dll [fFlags=0x0]
1979a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
1980a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd0a10000 LB 0x001a0000 C:\Windows\System32\USER32.dll [fFlags=0x0]
1981a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [avoiding WinVerifyTrust]
1982a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd01e0000 LB 0x00354000 C:\Windows\System32\combase.dll [fFlags=0x0]
1983a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\combase.dll [avoiding WinVerifyTrust]
1984a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffc93bf0000 LB 0x0002c000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
1985a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume15\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1986a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffc92a00000 LB 0x00126000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
1987a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\opengl32.dll
1988a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd0bb0000 LB 0x00744000 C:\Windows\System32\SHELL32.dll [fFlags=0x0]
1989a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
1990a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd0810000 LB 0x0012a000 C:\Windows\System32\ole32.dll [fFlags=0x0]
1991a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ole32.dll
1992a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffca1960000 LB 0x0001f000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0]
1993a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1994a34.2aa0: supR3HardenedDllNotificationCallback: load 000000006ed60000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1995a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1996a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffc47e10000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1997a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1998a34.2aa0: supR3HardenedDllNotificationCallback: load 000000006e7f0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1999a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
2000a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd06a0000 LB 0x000cd000 C:\Windows\System32\OLEAUT32.dll [fFlags=0x0]
2001a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
2002a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffc31160000 LB 0x02320000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
2003a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\UICommon.dll
2004a34.2aa0: supR3HardenedDllNotificationCallback: load 000000006f340000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
2005a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
2006a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcbcd00000 LB 0x00027000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
2007a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\winmm.dll
2008a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffc9aa90000 LB 0x001c9000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
2009a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
2010a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2011a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2012a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2013a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2014a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2015a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2016a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2017a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2018a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2019a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2020a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2021a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2022a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2023a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2024a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2025a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2026a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2027a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2028a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2029a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2030a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2031a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2032a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2033a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\win32u.dll [redoing WinVerifyTrust]
2034a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2035a34.2aa0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume15\Windows\System32\win32u.dll
2036a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2037a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2038a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [redoing WinVerifyTrust]
2039a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2040a34.2aa0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume15\Windows\System32\user32.dll
2041a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2042a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2043a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
2044a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2045a34.2aa0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume15\Windows\System32\gdi32.dll
2046a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2047a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2048a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
2049a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2050a34.2aa0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll
2051a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2052a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd1300000 'C:\Windows\System32\kernel32.dll'
2053a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2054a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2055a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2056a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2057a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2058a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2059a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2060a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2061a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2062a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2063a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2064a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2065a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2066a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2067a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2068a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2069a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2070a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2071a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2072a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2073a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2074a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2075a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2076a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2077a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2078a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2079a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2080a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2081a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2082a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2083a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2084a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2085a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2086a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2087a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2088a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2089a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2090a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2091a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2092a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2093a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
2094a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2095a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-string-l1-1-0'
2096a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2097a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2098a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2099a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2100a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2101a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2102a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2103a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2104a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2105a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2106a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2107a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2108a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2109a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2110a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2111a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2112a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2113a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2114a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2115a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2116a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2117a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2118a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2119a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2120a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2121a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2122a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2123a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2124a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2125a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2126a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2127a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2128a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2129a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2130a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2131a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2132a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2133a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2134a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2135a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2136a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
2137a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2138a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-datetime-l1-1-1'
2139a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2140a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2141a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2142a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2143a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2144a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2145a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2146a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2147a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2148a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2149a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2150a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2151a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2152a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2153a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2154a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2155a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2156a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2157a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2158a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2159a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2160a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2161a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2162a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2163a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2164a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2165a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2166a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2167a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2168a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2169a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2170a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2171a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2172a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2173a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2174a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2175a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2176a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2177a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2178a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2179a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
2180a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2181a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-localization-obsolete-l1-2-0'
2182a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2183a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2184a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2185a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2186a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2187a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2188a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2189a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2190a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2191a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2192a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2193a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2194a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2195a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2196a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2197a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2198a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2199a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2200a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2201a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2202a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2203a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2204a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2205a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2206a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2207a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2208a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2209a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2210a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2211a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2212a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2213a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2214a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2215a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2216a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2217a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2218a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2219a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2220a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2221a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2222a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\imm32.dll'.
2223a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
2224a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
2225a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\imm32.dll)
2226a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\imm32.dll
2227a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2228a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2229a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\win32u.dll [redoing WinVerifyTrust]
2230a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2231a34.2aa0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume15\Windows\System32\win32u.dll
2232a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2233a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2234a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll [redoing WinVerifyTrust]
2235a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2236a34.2aa0: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume15\Windows\System32\user32.dll
2237a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2238a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd0540000 LB 0x00030000 C:\Windows\System32\IMM32.DLL [fFlags=0x0]
2239a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
2240a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0540000 'C:\Windows\system32\IMM32.DLL'
2241a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\imm32.dll'.
2242a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\imm32.dll' [rescheduled]
2243a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2244a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2245a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2246a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2247a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2248a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2249a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2250a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2251a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2252a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2253a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2254a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2255a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2256a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2257a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2258a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2259a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2260a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2261a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2262a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2263a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\imm32.dll'.
2264a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\imm32.dll' [rescheduled]
2265a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2266a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2267a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2268a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2269a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2270a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2271a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2272a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2273a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2274a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2275a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2276a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2277a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2278a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2279a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2280a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2281a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2282a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2283a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2284a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2285a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\advapi32.dll
2286a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2287a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0130000 'C:\Windows\System32\ADVAPI32.DLL'
2288a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\imm32.dll'.
2289a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\imm32.dll' [rescheduled]
2290a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'.
2291a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll' [rescheduled]
2292a34.2aa0: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume15\Windows\System32\glu32.dll'.
2293a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll' [rescheduled]
2294a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\mpr.dll'.
2295a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll' [rescheduled]
2296a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\shell32.dll'.
2297a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rescheduled]
2298a34.2aa0: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2299a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2300a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\win32u.dll'.
2301a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rescheduled]
2302a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'.
2303a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rescheduled]
2304a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\user32.dll'.
2305a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rescheduled]
2306a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'.
2307a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rescheduled]
2308a34.2aa0: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\combase.dll'.
2309a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rescheduled]
2310a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc9aa90000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
2311a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2312a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2313a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\imm32.dll'
2314a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2315a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2316a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\gdi32full.dll'
2317a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000560 pwszName=\Device\HarddiskVolume15\Windows\System32\glu32.dll
2318a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
2319a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
2320a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=29BF86ABBB5F65F63E9219A66409F06565B8606E
2321a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2322a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2323a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0312~31bf3856ad364e35~amd64~~10.0.19041.1766.cat'; file='\Device\HarddiskVolume15\Windows\System32\glu32.dll'
2324a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2325a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\glu32.dll'
2326a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2327a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2328a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\mpr.dll'
2329a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2330a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2331a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\shell32.dll'
2332a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2333a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
2334a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2335a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2336a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\win32u.dll'
2337a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2338a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2339a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\gdi32.dll'
2340a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2341a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2342a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\user32.dll'
2343a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2344a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2345a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll'
2346a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2347a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2348a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\combase.dll'
2349a34.2aa0: SUPR3HardenedMain: Calling TrustedMain (00007ffc9aa916c0)...
2350a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'combase.dll'.
2351a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'msvcp_win.dll'.
2352a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'wldp.dll'.
2353a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\windows.storage.dll)
2354a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\windows.storage.dll
2355a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2356a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\wldp.dll)
2357a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\wldp.dll
2358a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccf060000 LB 0x0002c000 C:\Windows\SYSTEM32\Wldp.dll [fFlags=0x0]
2359a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wldp.dll [avoiding WinVerifyTrust]
2360a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccd5f0000 LB 0x00794000 C:\Windows\SYSTEM32\windows.storage.dll [fFlags=0x0]
2361a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\windows.storage.dll [avoiding WinVerifyTrust]
2362a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd0080000 LB 0x000ad000 C:\Windows\System32\SHCORE.dll [fFlags=0x0]
2363a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2364a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'combase.dll'.
2365a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\SHCore.dll)
2366a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\SHCore.dll
2367a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd1500000 LB 0x00055000 C:\Windows\System32\shlwapi.dll [fFlags=0x0]
2368a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
2369a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\shlwapi.dll)
2370a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\shlwapi.dll
2371a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2372a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2373a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll
2374a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2375a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2376a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\combase.dll
2377a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2378a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2379a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2380a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2381a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldp.dll'...
2382a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldp.dll' -> '\Device\HarddiskVolume15\Windows\System32\wldp.dll' [rcNtRedir=0xc0150008]
2383a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wldp.dll [lacks WinVerifyTrust]
2384a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2385a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2386a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll
2387a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2388a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2389a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\combase.dll
2390a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2391a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2392a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\shlwapi.dll'
2393a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2394a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2395a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\SHCore.dll'
2396a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2397a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2398a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\wldp.dll'
2399a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2400a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2401a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\windows.storage.dll'
2402a34.2aa0: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\platforms\qwindows.dll: Signature #1/2: info status: 24202
2403a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2404a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
2405a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
2406a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2407a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
2408a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
2409a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2410a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
2411a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
2412a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
2413a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
2414a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
2415a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
2416a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2417a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2418a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2419a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2420a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2421a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2422a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2423a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2424a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2425a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2426a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2427a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\advapi32.dll
2428a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2429a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume15\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2430a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\shell32.dll
2431a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2432a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2433a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
2434a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2435a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume15\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2436a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\winmm.dll
2437a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2438a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume15\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2439a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\imm32.dll
2440a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2441a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2442a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2443a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2444a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ole32.dll
2445a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2446a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2447a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2448a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2449a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcb8130000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
2450a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2451a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcb8130000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
2452a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
2453a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
2454a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\kernel.appcore.dll)
2455a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\kernel.appcore.dll
2456a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccdda0000 LB 0x00012000 C:\Windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
2457a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
2458a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2459a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2460a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2461a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2462a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2463a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2464a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\kernel.appcore.dll'
2465a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000528 pwszName=\Device\HarddiskVolume15\Windows\System32\uxtheme.dll
2466a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
2467a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
2468a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=701BFCEE1A399A1718E6AD19A8B89B9E45D98837
2469a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2470a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2471a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.1741.cat'; file='\Device\HarddiskVolume15\Windows\System32\uxtheme.dll'
2472a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2473a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2474a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
2475a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
2476a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\uxtheme.dll) WinVerifyTrust
2477a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\uxtheme.dll
2478a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2479a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2480a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2481a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2482a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2483a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2484a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2485a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\uxtheme.dll
2486a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccca50000 LB 0x0009e000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
2487a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\uxtheme.dll
2488a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccca50000 'C:\Windows\system32\uxtheme.dll'
2489a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0a10000 'C:\Windows\system32\user32.dll'
2490a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\shell32.dll
2491a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2492a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0bb0000 'C:\Windows\system32\shell32.dll'
2493a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\SHCore.dll
2494a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2495a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0080000 'C:\Windows\system32\SHCore.dll'
2496a34.2aa0: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2497a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
2498a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\winmm.dll
2499a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2500a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcbcd00000 'C:\Windows\system32\winmm.dll'
2501a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\winmm.dll
2502a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2503a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcbcd00000 'C:\Windows\system32\winmm.dll'
2504a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\shell32.dll
2505a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2506a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0bb0000 'C:\Windows\system32\shell32.dll'
2507a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\uxtheme.dll
2508a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2509a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccca50000 'C:\Windows\system32\uxtheme.dll'
2510a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\advapi32.dll
2511a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2512a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0130000 'C:\Windows\system32\advapi32.dll'
2513a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2514a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2515a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2516a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\userenv.dll) WinVerifyTrust
2517a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\userenv.dll
2518a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2519a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2520a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2521a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\userenv.dll
2522a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccf4c0000 LB 0x0002e000 C:\Windows\system32\userenv.dll [fFlags=0x0]
2523a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\userenv.dll
2524a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf4c0000 'C:\Windows\system32\userenv.dll'
2525a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2526a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2527a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd1300000 'C:\Windows\System32\kernel32.dll'
2528a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd17c0000 LB 0x000a9000 C:\Windows\System32\clbcatq.dll [fFlags=0x0]
2529a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2530a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
2531a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\clbcatq.dll)
2532a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\clbcatq.dll
2533a34.3ca8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll
2534a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2535a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2536a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2537a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2538a34.3ca8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2539a34.3ca8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2540a34.3ca8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2541a34.3ca8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\clbcatq.dll'
2542a34.3ca8: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxC.dll: Signature #1/2: info status: 24202
2543a34.3ca8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2544a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2545a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2546a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2547a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2548a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2549a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2550a34.3ca8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2551a34.3ca8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxC.dll
2552a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2553a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2554a34.3ca8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
2555a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2556a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2557a34.3ca8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ole32.dll
2558a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2559a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2560a34.3ca8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\advapi32.dll
2561a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2562a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2563a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2564a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2565a34.3ca8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll
2566a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2567a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2568a34.3ca8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2569a34.3ca8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxC.dll
2570a34.3ca8: supR3HardenedDllNotificationCallback: load 00007ffca4800000 LB 0x003c2000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2571a34.3ca8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxC.dll
2572a34.3ca8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffca4800000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2573a34.3ca8: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll: Signature #1/2: info status: 24202
2574a34.3ca8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2575a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2576a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2577a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2578a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
2579a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2580a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2581a34.3ca8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2582a34.3ca8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
2583a34.3ca8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2584a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2585a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2586a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2587a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2588a34.3ca8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
2589a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2590a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2591a34.3ca8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ole32.dll
2592a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2593a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume15\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2594a34.3ca8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\shlwapi.dll
2595a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2596a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2597a34.3ca8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\advapi32.dll
2598a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2599a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2600a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2601a34.3ca8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2602a34.3ca8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2603a34.3ca8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2604a34.3ca8: supR3HardenedDllNotificationCallback: load 00007ffcb8040000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
2605a34.3ca8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2606a34.3ca8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcb8040000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
2607a34.3ca8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
2608a34.3ca8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2609a34.3ca8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd06a0000 'C:\Windows\System32\oleaut32.dll'
2610a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0570000 'C:\Windows\system32\gdi32.dll'
2611a34.381c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2612a34.381c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2613a34.381c: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll: Signature #1/2: info status: 24202
2614a34.381c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2615a34.381c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2616a34.381c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2617a34.381c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll) WinVerifyTrust
2618a34.381c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2619a34.381c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2620a34.381c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2621a34.381c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2622a34.381c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2623a34.381c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2624a34.381c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2625a34.381c: supR3HardenedDllNotificationCallback: load 00007ffcc6580000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [fFlags=0x0]
2626a34.381c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.dll
2627a34.381c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc6580000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL'
2628a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcd1560000 LB 0x00115000 C:\Windows\System32\MSCTF.dll [fFlags=0x0]
2629a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2630a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
2631a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'user32.dll'.
2632a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
2633a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'imm32.dll'.
2634a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\msctf.dll)
2635a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\msctf.dll
2636a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2637a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume15\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2638a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\imm32.dll
2639a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2640a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2641a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2642a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2643a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2644a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2645a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
2646a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2647a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2648a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2649a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2650a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\msctf.dll'
2651a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009e8 pwszName=\Device\HarddiskVolume15\Windows\System32\DataExchange.dll
2652a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
2653a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
2654a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F602E8855BCD942955FA9DBB13C4E4D44C41A311
2655a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2656a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2657a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0510~31bf3856ad364e35~amd64~~10.0.19041.1706.cat'; file='\Device\HarddiskVolume15\Windows\System32\DataExchange.dll'
2658a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2659a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2660a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'd3d11.dll'.
2661a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'dcomp.dll'.
2662a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\DataExchange.dll) WinVerifyTrust
2663a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\DataExchange.dll
2664a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
2665a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume15\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
2666a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2667a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2668a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
2669a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
2670a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\dcomp.dll) WinVerifyTrust
2671a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\dcomp.dll
2672a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
2673a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume15\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
2674a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2675a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2676a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll
2677a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2678a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2679a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\win32u.dll
2680a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2681a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2682a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2683a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dxgi.dll'.
2684a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'win32u.dll'.
2685a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\d3d11.dll) WinVerifyTrust
2686a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\d3d11.dll
2687a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2688a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2689a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2690a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2691a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\win32u.dll
2692a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
2693a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume15\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
2694a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2695a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2696a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2697a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
2698a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\dxgi.dll) WinVerifyTrust
2699a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\dxgi.dll
2700a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2701a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2702a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcrt.dll
2703a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2704a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume15\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2705a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\win32u.dll
2706a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2707a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2708a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2709a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\DataExchange.dll
2710a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\d3d11.dll
2711a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\dcomp.dll
2712a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\dxgi.dll
2713a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccddf0000 LB 0x000f3000 C:\Windows\system32\dxgi.dll [fFlags=0x0]
2714a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\dxgi.dll
2715a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccbba0000 LB 0x00263000 C:\Windows\system32\d3d11.dll [fFlags=0x0]
2716a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\d3d11.dll
2717a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccbe10000 LB 0x001e4000 C:\Windows\system32\dcomp.dll [fFlags=0x0]
2718a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\dcomp.dll
2719a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffc91640000 LB 0x0003e000 C:\Windows\system32\dataexchange.dll [fFlags=0x0]
2720a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\DataExchange.dll
2721a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0570000 'C:\Windows\System32\gdi32.dll'
2722a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc91640000 'C:\Windows\system32\dataexchange.dll'
2723a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
2724a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
2725a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'msvcp_win.dll'.
2726a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\twinapi.appcore.dll)
2727a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\twinapi.appcore.dll
2728a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccae20000 LB 0x00200000 C:\Windows\system32\twinapi.appcore.dll [fFlags=0x0]
2729a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
2730a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2731a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2732a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll
2733a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2734a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2735a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\combase.dll
2736a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2737a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2738a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rpcrt4.dll
2739a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2740a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2741a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\twinapi.appcore.dll'
2742a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\SHCore.dll
2743a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2744a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0080000 'C:\Windows\system32\Shcore.dll'
2745a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2746a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'.
2747a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
2748a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coreuicomponents.dll'.
2749a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'coremessaging.dll'.
2750a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\TextInputFramework.dll)
2751a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\TextInputFramework.dll
2752a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2753a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
2754a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'rpcrt4.dll'.
2755a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'.
2756a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\CoreUIComponents.dll)
2757a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\CoreUIComponents.dll
2758a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2759a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'ws2_32.dll'.
2760a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\CoreMessaging.dll)
2761a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\CoreMessaging.dll
2762a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\ntmarta.dll)
2763a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\ntmarta.dll
2764a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
2765a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
2766a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
2767a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\WinTypes.dll)
2768a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\WinTypes.dll
2769a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcce1f0000 LB 0x00033000 C:\Windows\SYSTEM32\ntmarta.dll [fFlags=0x0]
2770a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
2771a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccc6e0000 LB 0x000f2000 C:\Windows\System32\CoreMessaging.dll [fFlags=0x0]
2772a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
2773a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccb020000 LB 0x00154000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
2774a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
2775a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffccc380000 LB 0x0035e000 C:\Windows\System32\CoreUIComponents.dll [fFlags=0x0]
2776a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
2777a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc3690000 LB 0x000f9000 C:\Windows\SYSTEM32\textinputframework.dll [fFlags=0x0]
2778a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
2779a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
2780a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume15\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
2781a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\bcryptprimitives.dll
2782a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2783a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2784a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2785a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume15\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2786a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\combase.dll
2787a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2788a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2789a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ws2_32.dll
2790a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2791a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2792a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
2793a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume15\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
2794a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\SHCore.dll
2795a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2796a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2797a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
2798a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume15\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
2799a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
2800a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2801a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2802a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
2803a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume15\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
2804a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
2805a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
2806a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume15\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
2807a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
2808a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2809a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2810a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2811a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2812a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\oleaut32.dll
2813a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2814a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2815a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2816a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2817a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\WinTypes.dll'
2818a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2819a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2820a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\ntmarta.dll'
2821a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2822a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2823a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\CoreMessaging.dll'
2824a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2825a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2826a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\CoreUIComponents.dll'
2827a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2828a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2829a34.2aa0: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\TextInputFramework.dll'
2830a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
2831a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2832a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0a10000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
2833a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
2834a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2835a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0a10000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
2836a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
2837a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2838a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd01e0000 'api-ms-win-core-com-l1-1-0.dll'
2839a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msctf.dll
2840a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2841a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd1560000 'C:\Windows\System32\MSCTF.dll'
2842a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ole32.dll
2843a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2844a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0810000 'C:\Windows\System32\ole32.dll'
2845a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd06a0000 'C:\Windows\System32\OLEAUT32.dll'
2846a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000af4 pwszName=\Device\HarddiskVolume15\Windows\System32\wbem\wbemprox.dll
2847a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
2848a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
2849a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D5E9B4B8E891F6D9AAF89D119CB8AAE1934ED673
2850a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2851a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\crypt32.dll
2852a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2853a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2854a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.1706.cat'; file='\Device\HarddiskVolume15\Windows\System32\wbem\wbemprox.dll'
2855a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2856a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2857a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
2858a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
2859a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2860a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\wbem\wbemprox.dll
2861a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2862a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume15\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2863a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b08 pwszName=\Device\HarddiskVolume15\Windows\System32\wbemcomn.dll
2864a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
2865a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
2866a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B97C1D711C478066C1314800E4F6D26F93811194
2867a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2868a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2869a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.1706.cat'; file='\Device\HarddiskVolume15\Windows\System32\wbemcomn.dll'
2870a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2871a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2872a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\wbemcomn.dll) WinVerifyTrust
2873a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\wbemcomn.dll
2874a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2875a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2876a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ws2_32.dll
2877a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2878a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2879a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2880a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2881a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2882a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbem\wbemprox.dll
2883a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbemcomn.dll
2884a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc5be0000 LB 0x00090000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
2885a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbemcomn.dll
2886a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc5c70000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2887a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbem\wbemprox.dll
2888a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
2889a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2890a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2891a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc5c70000 'C:\Windows\system32\wbem\wbemprox.dll'
2892a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ae8 pwszName=\Device\HarddiskVolume15\Windows\System32\wbem\wbemsvc.dll
2893a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
2894a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
2895a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8CA332CD27CD01F33F85EB4BED516FAA617B555A
2896a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2897a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2898a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.1706.cat'; file='\Device\HarddiskVolume15\Windows\System32\wbem\wbemsvc.dll'
2899a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2900a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2901a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2902a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2903a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\wbem\wbemsvc.dll
2904a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2905a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2906a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2907a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2908a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2909a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbem\wbemsvc.dll
2910a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc4690000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2911a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbem\wbemsvc.dll
2912a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc4690000 'C:\Windows\system32\wbem\wbemsvc.dll'
2913a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
2914a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2915a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-localization-l1-2-0.dll'
2916a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
2917a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2918a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
2919a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b24 pwszName=\Device\HarddiskVolume15\Windows\System32\wbem\fastprox.dll
2920a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
2921a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
2922a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=184DC69A17259EC62BC6A74793DCE28D7CC5A1AC
2923a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2924a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2925a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.1706.cat'; file='\Device\HarddiskVolume15\Windows\System32\wbem\fastprox.dll'
2926a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2927a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2928a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
2929a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2930a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\wbem\fastprox.dll
2931a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2932a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume15\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2933a34.2aa0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbemcomn.dll
2934a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2935a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2936a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2937a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbem\fastprox.dll
2938a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc46b0000 LB 0x0010b000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
2939a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\wbem\fastprox.dll
2940a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc46b0000 'C:\Windows\system32\wbem\fastprox.dll'
2941a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b38 pwszName=\Device\HarddiskVolume15\Windows\System32\amsi.dll
2942a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
2943a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
2944a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4E037358D3BFB2BDA56CED3A1B6A631D12D37E28
2945a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2946a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2947a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05~31bf3856ad364e35~amd64~~10.0.19041.1766.cat'; file='\Device\HarddiskVolume15\Windows\System32\amsi.dll'
2948a34.2aa0: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2949a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2950a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
2951a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\amsi.dll) WinVerifyTrust
2952a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\amsi.dll
2953a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2954a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2955a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2956a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2957a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2958a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\amsi.dll
2959a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc65b0000 LB 0x00020000 C:\Windows\System32\amsi.dll [fFlags=0x0]
2960a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\amsi.dll
2961a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc65b0000 'C:\Windows\System32\amsi.dll'
2962a34.2aa0: \Device\HarddiskVolume15\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll: Owner is administrators group.
2963a34.2aa0: \Device\HarddiskVolume15\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll: Signature #2/4: VERR_CR_X509_CPV_NO_TRUSTED_PATHS (-23021) w/ timestamp=0x60229407/link.
2964a34.2aa0: \Device\HarddiskVolume15\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll: Signature #3/4: info status: 24202
2965a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
2966a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
2967a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'oleaut32.dll'.
2968a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll) WinVerifyTrust
2969a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll
2970a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2971a34.2aa0: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2972a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2973a34.2aa0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll
2974a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc43b0000 LB 0x0022c000 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll [fFlags=0x0]
2975a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll
2976a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
2977a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2978a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-synch-l1-2-0'
2979a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
2980a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2981a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-fibers-l1-1-1'
2982a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
2983a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2984a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-synch-l1-2-0'
2985a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
2986a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2987a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-fibers-l1-1-1'
2988a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
2989a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2990a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-localization-l1-2-1'
2991a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\kernel32.dll
2992a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2993a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd1300000 'C:\Windows\System32\kernel32.dll'
2994a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
2995a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2996a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-string-l1-1-0'
2997a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
2998a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2999a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-datetime-l1-1-1'
3000a34.2aa0: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
3001a34.2aa0: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3002a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf940000 'api-ms-win-core-localization-obsolete-l1-2-0'
3003a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcc43b0000 'C:\Program Files (x86)\Kaspersky Lab\Kaspersky Small Office Security 21.3\x64\antimalware_provider.dll'
3004a34.2aa0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0130000 'C:\Windows\System32\ADVAPI32.dll'
3005a34.1814: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll: Signature #1/2: info status: 24202
3006a34.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3007a34.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3008a34.1814: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3009a34.1814: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
3010a34.1814: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3011a34.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3012a34.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3013a34.1814: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3014a34.1814: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3015a34.1814: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3016a34.1814: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3017a34.1814: supR3HardenedDllNotificationCallback: load 00007ffc877a0000 LB 0x0037e000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
3018a34.1814: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3019a34.1814: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc877a0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
3020a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0810000 'C:\Windows\system32\ole32.dll'
3021a34.2574: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0810000 'C:\Windows\system32\ole32.dll'
3022a34.5048: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0810000 'C:\Windows\system32\ole32.dll'
3023a34.e0c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0810000 'C:\Windows\system32\ole32.dll'
3024a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3025a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ca8 pwszName=\Device\HarddiskVolume15\Windows\System32\NetSetupShim.dll
3026a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
3027a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
3028a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=BAC8C290E6A586220883FAD5DCDC734D078E5A36
3029a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3030a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3031a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05112~31bf3856ad364e35~amd64~~10.0.19041.1741.cat'; file='\Device\HarddiskVolume15\Windows\System32\NetSetupShim.dll'
3032a34.3214: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3033a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3034a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
3035a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'oleaut32.dll'.
3036a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'ws2_32.dll'.
3037a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'netsetupapi.dll'.
3038a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'setupapi.dll'.
3039a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'devrtl.dll'.
3040a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\NetSetupShim.dll) WinVerifyTrust
3041a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\NetSetupShim.dll
3042a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devrtl.dll'...
3043a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'devrtl.dll' -> '\Device\HarddiskVolume15\Windows\System32\devrtl.dll' [rcNtRedir=0xc0150008]
3044a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000c80 pwszName=\Device\HarddiskVolume15\Windows\System32\devrtl.dll
3045a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
3046a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
3047a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=14277C1223BB514B07ED4CDDA4F2EA5BFA8BD59B
3048a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3049a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3050a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0516~31bf3856ad364e35~amd64~~10.0.19041.1766.cat'; file='\Device\HarddiskVolume15\Windows\System32\devrtl.dll'
3051a34.3214: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3052a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\devrtl.dll) WinVerifyTrust
3053a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\devrtl.dll
3054a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3055a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume15\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3056a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3057a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3058a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3059a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
3060a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'cfgmgr32.dll'.
3061a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'bcrypt.dll'.
3062a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\setupapi.dll) WinVerifyTrust
3063a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\setupapi.dll
3064a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netsetupapi.dll'...
3065a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'netsetupapi.dll' -> '\Device\HarddiskVolume15\Windows\System32\netsetupapi.dll' [rcNtRedir=0xc0150008]
3066a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
3067a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume15\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
3068a34.3214: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\bcrypt.dll
3069a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3070a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume15\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3071a34.3214: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\cfgmgr32.dll'.
3072a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\cfgmgr32.dll)
3073a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\cfgmgr32.dll
3074a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3075a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3076a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3077a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3078a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3079a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3080a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3081a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
3082a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\NetSetupApi.dll) WinVerifyTrust
3083a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\NetSetupApi.dll
3084a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3085a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3086a34.3214: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ws2_32.dll
3087a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3088a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3089a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3090a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3091a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3092a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3093a34.3214: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\msvcp_win.dll
3094a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3095a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3096a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3097a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3098a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupShim.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3099a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\NetSetupShim.dll
3100a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\NetSetupApi.dll
3101a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\devrtl.dll
3102a34.3214: supR3HardenedDllNotificationCallback: load 00007ffccfc10000 LB 0x0004e000 C:\Windows\System32\cfgmgr32.dll [fFlags=0x0]
3103a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
3104a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcb1ab0000 LB 0x00026000 C:\Windows\System32\NetSetupApi.dll [fFlags=0x0]
3105a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\NetSetupApi.dll
3106a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcd1a20000 LB 0x0046f000 C:\Windows\System32\setupapi.dll [fFlags=0x0]
3107a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\setupapi.dll
3108a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcb9ff0000 LB 0x00014000 C:\Windows\System32\DEVRTL.dll [fFlags=0x0]
3109a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\devrtl.dll
3110a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcb1960000 LB 0x00078000 C:\Windows\System32\NetSetupShim.dll [fFlags=0x0]
3111a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\NetSetupShim.dll
3112a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcb1960000 'C:\Windows\System32\NetSetupShim.dll'
3113a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3114a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3115a34.3214: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\cfgmgr32.dll'
3116a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3117a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3118a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3119a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
3120a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'nsi.dll'.
3121a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'winnsi.dll'.
3122a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\NetSetupEngine.dll) WinVerifyTrust
3123a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\NetSetupEngine.dll
3124a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
3125a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume15\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
3126a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3127a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3128a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3129a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
3130a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\winnsi.dll) WinVerifyTrust
3131a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\winnsi.dll
3132a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3133a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume15\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3134a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3135a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume15\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3136a34.3214: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume15\Windows\System32\nsi.dll'.
3137a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\nsi.dll)
3138a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\nsi.dll
3139a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3140a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3141a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3142a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3143a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\nsi.dll) WinVerifyTrust
3144a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3145a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3146a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3147a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume15\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3148a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupEngine.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3149a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\NetSetupEngine.dll
3150a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\winnsi.dll
3151a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcd1e90000 LB 0x00008000 C:\Windows\System32\NSI.dll [fFlags=0x0]
3152a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
3153a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcc7740000 LB 0x0000b000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
3154a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\winnsi.dll
3155a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcb7710000 LB 0x000ca000 C:\Windows\System32\NetSetupEngine.dll [fFlags=0x0]
3156a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\NetSetupEngine.dll
3157a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcb7710000 'C:\Windows\System32\NetSetupEngine.dll'
3158a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3159a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3160a34.3214: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\nsi.dll'
3161a34.33b8: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll: Signature #1/2: info status: 24202
3162a34.33b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3163a34.33b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3164a34.33b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3165a34.33b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3166a34.33b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3167a34.33b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3168a34.33b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
3169a34.33b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3170a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3171a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3172a34.33b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\user32.dll
3173a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3174a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3175a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3176a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3177a34.33b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3178a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3179a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3180a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3181a34.33b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3182a34.33b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3183a34.33b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3184a34.33b8: supR3HardenedDllNotificationCallback: load 00007ffcba4f0000 LB 0x00010000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
3185a34.33b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3186a34.33b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcba4f0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
3187a34.3c50: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll: Signature #1/2: info status: 24202
3188a34.3c50: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3189a34.3c50: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3190a34.3c50: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3191a34.3c50: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3192a34.3c50: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
3193a34.3c50: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3194a34.3c50: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3195a34.3c50: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3196a34.3c50: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3197a34.3c50: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3198a34.3c50: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3199a34.3c50: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3200a34.3c50: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll
3201a34.3c50: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3202a34.3c50: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3203a34.3c50: supR3HardenedDllNotificationCallback: load 00007ffcba4e0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
3204a34.3c50: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3205a34.3c50: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcba4e0000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
3206a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\shell32.dll
3207a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3208a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0bb0000 'C:\Windows\system32\Shell32.dll'
3209a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3210a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3211a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc877a0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
3212a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll: Signature #1/2: info status: 24202
3213a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3214a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3215a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3216a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3217a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
3218a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
3219a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
3220a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3221a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3222a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume15\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3223a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3224a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3225a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3226a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3227a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3228a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3229a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3230a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3231a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3232a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3233a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcad9f0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
3234a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3235a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcad9f0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
3236a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffcad9f0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
3237a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3238a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD.dll: Signature #1/2: info status: 24202
3239a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3240a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3241a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3242a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3243a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
3244a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
3245a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
3246a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
3247a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
3248a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
3249a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
3250a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
3251a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD.dll
3252a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
3253a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume15\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
3254a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3255a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3256a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
3257a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\IPHLPAPI.DLL
3258a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3259a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3260a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3261a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3262a34.3214: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ws2_32.dll
3263a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3264a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume15\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3265a34.3214: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\setupapi.dll
3266a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3267a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3268a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
3269a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
3270a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD2.dll: Signature #1/2: info status: 24202
3271a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3272a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3273a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3274a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
3275a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3276a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
3277a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
3278a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDDU.dll: Signature #1/2: info status: 24202
3279a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3280a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3281a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3282a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3283a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3284a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3285a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3286a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3287a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
3288a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
3289a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
3290a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3291a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3292a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3293a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3294a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3295a34.3214: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3296a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3297a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3298a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3299a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume15\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3300a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3301a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume15\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3302a34.3214: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\setupapi.dll
3303a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3304a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume15\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3305a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3306a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3307a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3308a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3309a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3310a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD.dll
3311a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3312a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3313a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\IPHLPAPI.DLL
3314a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcb78d0000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
3315a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3316a34.3214: supR3HardenedDllNotificationCallback: load 00007ffc45750000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
3317a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3318a34.3214: supR3HardenedDllNotificationCallback: load 00007ffccea60000 LB 0x0003b000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
3319a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\IPHLPAPI.DLL
3320a34.3214: supR3HardenedDllNotificationCallback: load 00007ffc47400000 LB 0x00a03000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
3321a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD.dll
3322a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc47400000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
3323a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3324a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3325a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3326a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3327a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcad9f0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
3328a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
3329a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcad9f0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL'
3330a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3331a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxC.dll
3332a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3333a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffca4800000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
3334a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3335a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3336a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3337a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffc45750000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
3338a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3339a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll: Signature #1/2: info status: 24202
3340a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3341a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3342a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3343a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
3344a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3345a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3346a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3347a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3348a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3349a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3350a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3351a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcba2c0000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
3352a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
3353a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcba2c0000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL'
3354a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3355a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll: Signature #1/2: info status: 24202
3356a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3357a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3358a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3359a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll) WinVerifyTrust
3360a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3361a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3362a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3363a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3364a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3365a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3366a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3367a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcba060000 LB 0x00012000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [fFlags=0x0]
3368a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.dll
3369a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcba060000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL'
3370a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3371a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll: Signature #1/2: info status: 24202
3372a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3373a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3374a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3375a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
3376a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3377a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3378a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3379a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3380a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3381a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3382a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3383a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcba040000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
3384a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
3385a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcba040000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL'
3386a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3387a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll: Signature #1/2: info status: 24202
3388a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3389a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3390a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3391a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
3392a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3393a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3394a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3395a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3396a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3397a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3398a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3399a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcba010000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
3400a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
3401a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcba010000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL'
3402a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3403a34.45cc: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll: Signature #1/2: info status: 24202
3404a34.45cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3405a34.45cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3406a34.45cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3407a34.45cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3408a34.45cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
3409a34.45cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3410a34.45cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3411a34.45cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3412a34.45cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3413a34.45cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3414a34.45cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3415a34.45cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3416a34.45cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3417a34.45cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3418a34.45cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3419a34.45cc: supR3HardenedDllNotificationCallback: load 00007ffcb9fd0000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
3420a34.45cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3421a34.45cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcb9fd0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
3422a34.fe4: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll: Signature #1/2: info status: 24202
3423a34.fe4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3424a34.fe4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3425a34.fe4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3426a34.fe4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3427a34.fe4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3428a34.fe4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
3429a34.fe4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3430a34.fe4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3431a34.fe4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3432a34.fe4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3433a34.fe4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3434a34.fe4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3435a34.fe4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3436a34.fe4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3437a34.fe4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3438a34.fe4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3439a34.fe4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3440a34.fe4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3441a34.fe4: supR3HardenedDllNotificationCallback: load 00007ffcba4d0000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
3442a34.fe4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3443a34.fe4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcba4d0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
3444a34.3fec: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll: Signature #1/2: info status: 24202
3445a34.3fec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3446a34.3fec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3447a34.3fec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3448a34.3fec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3449a34.3fec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
3450a34.3fec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3451a34.3fec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3452a34.3fec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3453a34.3fec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3454a34.3fec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3455a34.3fec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3456a34.3fec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3457a34.3fec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3458a34.3fec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3459a34.3fec: supR3HardenedDllNotificationCallback: load 00007ffcba2b0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
3460a34.3fec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3461a34.3fec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcba2b0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
3462a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3463a34.3214: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll: Signature #1/2: info status: 24202
3464a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3465a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3466a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3467a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
3468a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3469a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3470a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3471a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3472a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3473a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3474a34.3214: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3475a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcca350000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
3476a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
3477a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcca350000 'C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL'
3478a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\IPHLPAPI.DLL
3479a34.3214: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3480a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccea60000 'C:\Windows\system32\Iphlpapi.dll'
3481a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3482a34.3214: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume15\Windows\System32\dhcpcsvc6.dll)
3483a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\dhcpcsvc6.dll
3484a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcc7630000 LB 0x00017000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
3485a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume15\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
3486a34.3214: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3487a34.3214: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume15\Windows\System32\dhcpcsvc.dll)
3488a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\dhcpcsvc.dll
3489a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcc75e0000 LB 0x0001d000 C:\Windows\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
3490a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume15\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
3491a34.3214: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\dnsapi.dll)
3492a34.3214: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\dnsapi.dll
3493a34.3214: supR3HardenedDllNotificationCallback: load 00007ffcceaa0000 LB 0x000cb000 C:\Windows\SYSTEM32\DNSAPI.dll [fFlags=0x0]
3494a34.3214: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\dnsapi.dll [avoiding WinVerifyTrust]
3495a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3496a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3497a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3498a34.3214: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3499a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3500a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3501a34.3214: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\dnsapi.dll'
3502a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000010ac pwszName=\Device\HarddiskVolume15\Windows\System32\dhcpcsvc.dll
3503a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
3504a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
3505a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DCAD48333E2A4922B628484108339A2EED2CAAA4
3506a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3507a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3508a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0516~31bf3856ad364e35~amd64~~10.0.19041.1766.cat'; file='\Device\HarddiskVolume15\Windows\System32\dhcpcsvc.dll'
3509a34.3214: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3510a34.3214: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\dhcpcsvc.dll'
3511a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000010a4 pwszName=\Device\HarddiskVolume15\Windows\System32\dhcpcsvc6.dll
3512a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
3513a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
3514a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3B30BEFD11A7A908BF866683855A2B32DDCBE496
3515a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3516a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3517a34.3214: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0516~31bf3856ad364e35~amd64~~10.0.19041.1766.cat'; file='\Device\HarddiskVolume15\Windows\System32\dhcpcsvc6.dll'
3518a34.3214: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3519a34.3214: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\dhcpcsvc6.dll'
3520a34.3214: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3521a34.4d68: '\Device\HarddiskVolume15\Windows\System32\tzres.dll' has no imports
3522a34.4d68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume15\Windows\System32\tzres.dll)
3523a34.4d68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\tzres.dll
3524a34.4d68: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000013e0 (hFile=00000000000013d8) with 0xc0000022 -> STATUS_TRUST_FAILURE
3525a34.4d68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume15\Windows\System32\tzres.dll [avoiding WinVerifyTrust]
3526a34.4d68: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000013d8 (hFile=00000000000013e0) with 0xc0000022 -> STATUS_TRUST_FAILURE
3527a34.4d68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000013d0 pwszName=\Device\HarddiskVolume15\Windows\System32\tzres.dll
3528a34.4d68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000c02e30
3529a34.4d68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000c02e30
3530a34.4d68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C60D23108187B637B3516BEB4EFF40A2CC4F0ADF
3531a34.4d68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3532a34.4d68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3533a34.4d68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0516~31bf3856ad364e35~amd64~~10.0.19041.1766.cat'; file='\Device\HarddiskVolume15\Windows\System32\tzres.dll'
3534a34.4d68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3535a34.4d68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume15\Windows\System32\tzres.dll'
3536a34.4d68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\rsaenh.dll
3537a34.4d68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3538a34.4d68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcce5c0000 'C:\Windows\system32\rsaenh.dll'
3539a34.4d68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccf7e0000 'C:\Windows\System32\crypt32.dll'
3540a34.4d68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ws2_32.dll'.
3541a34.4d68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
3542a34.4d68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\mswsock.dll) WinVerifyTrust
3543a34.4d68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\mswsock.dll
3544a34.4d68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3545a34.4d68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume15\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3546a34.4d68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3547a34.4d68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume15\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3548a34.4d68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\ws2_32.dll
3549a34.4d68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3550a34.4d68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\mswsock.dll
3551a34.4d68: supR3HardenedDllNotificationCallback: load 00007ffccedc0000 LB 0x0006a000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
3552a34.4d68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\mswsock.dll
3553a34.4d68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffccedc0000 'C:\Windows\system32\mswsock.dll'
3554a34.33b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffcd0a10000 'C:\Windows\system32\User32.dll'
3555a34.3fec: supR3HardenedDllNotificationCallback: Unload 00007ffcba2b0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
3556a34.fe4: supR3HardenedDllNotificationCallback: Unload 00007ffcba4d0000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
3557a34.45cc: supR3HardenedDllNotificationCallback: Unload 00007ffcb9fd0000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
3558a34.3c50: supR3HardenedDllNotificationCallback: Unload 00007ffcba4e0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
3559a34.33b8: supR3HardenedDllNotificationCallback: Unload 00007ffcba4f0000 LB 0x00010000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
3560a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffcba010000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [flags=0x0]
3561a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffcba040000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [flags=0x0]
3562a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffcba060000 LB 0x00012000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxNvmeR3.DLL [flags=0x0]
3563a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffcba2c0000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [flags=0x0]
3564a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffcad9f0000 LB 0x00041000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
3565a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffc47400000 LB 0x00a03000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [flags=0x0]
3566a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffcb78d0000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [flags=0x0]
3567a34.3214: supR3HardenedDllNotificationCallback: Unload 00007ffc45750000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [flags=0x0]
3568a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcc6580000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMainVM.DLL [flags=0x0]
3569a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcb8040000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [flags=0x0]
3570a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcc4690000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [flags=0x0]
3571a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcc5c70000 LB 0x00011000 C:\Windows\system32\wbem\wbemprox.dll [flags=0x0]
3572a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffc91640000 LB 0x0003e000 C:\Windows\system32\dataexchange.dll [flags=0x0]
3573a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3574a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
3575a34.2aa0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'win32u.dll'.
3576a34.2aa0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume15\Windows\System32\DXCore.dll)
3577a34.2aa0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume15\Windows\System32\DXCore.dll
3578a34.2aa0: supR3HardenedDllNotificationCallback: load 00007ffcc9220000 LB 0x0003b000 C:\Windows\SYSTEM32\dxcore.dll [fFlags=0x0]
3579a34.2aa0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume15\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
3580a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffccbba0000 LB 0x00263000 C:\Windows\system32\d3d11.dll [flags=0x0]
3581a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffccddf0000 LB 0x000f3000 C:\Windows\system32\dxgi.dll [flags=0x0]
3582a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffccbe10000 LB 0x001e4000 C:\Windows\system32\dcomp.dll [flags=0x0]
3583a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffccae20000 LB 0x00200000 C:\Windows\system32\twinapi.appcore.dll [flags=0x0]
3584a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffca4800000 LB 0x003c2000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0]
3585a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcb1960000 LB 0x00078000 C:\Windows\System32\NetSetupShim.dll [flags=0x0]
3586a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcb1ab0000 LB 0x00026000 C:\Windows\System32\NetSetupApi.dll [flags=0x0]
3587a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcd1a20000 LB 0x0046f000 C:\Windows\System32\setupapi.dll [flags=0x0]
3588a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcb9ff0000 LB 0x00014000 C:\Windows\System32\DEVRTL.dll [flags=0x0]
3589a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcc46b0000 LB 0x0010b000 C:\Windows\system32\wbem\fastprox.dll [flags=0x0]
3590a34.2aa0: supR3HardenedDllNotificationCallback: Unload 00007ffcc5be0000 LB 0x00090000 C:\Windows\SYSTEM32\wbemcomn.dll [flags=0x0]
3591a34.2aa0: Terminating the normal way: rcExit=0
3592a9c.35c4: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 88321 ms, the end);
35931f94.56e0: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 89035 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy