VirtualBox

Ticket #21105: VBoxHardening.log

File VBoxHardening.log, 444.1 KB (added by ktapodac, 2 years ago)
Line 
1c98.2118: Log file opened: 6.1.38r153438 g_hStartupLog=00000000000000a4 g_uNtVerCombined=0xa055f000
2c98.2118: \SystemRoot\System32\ntdll.dll:
3c98.2118: CreationTime: 2022-08-23T05:05:16.814581400Z
4c98.2118: LastWriteTime: 2022-08-23T05:05:16.908846800Z
5c98.2118: ChangeTime: 2022-08-23T07:39:08.803998400Z
6c98.2118: FileAttributes: 0x20
7c98.2118: Size: 0x207df0
8c98.2118: NT Headers: 0xe0
9c98.2118: Timestamp: 0x3907dfbc
10c98.2118: Machine: 0x8664 - amd64
11c98.2118: Timestamp: 0x3907dfbc
12c98.2118: Image Version: 10.0
13c98.2118: SizeOfImage: 0x209000 (2134016)
14c98.2118: Resource Dir: 0x194000 LB 0x73528
15c98.2118: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16c98.2118: [Raw version resource data: 0x1940f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17c98.2118: ProductName: Microsoft® Windows® Operating System
18c98.2118: ProductVersion: 10.0.22000.832
19c98.2118: FileVersion: 10.0.22000.832 (WinBuild.160101.0800)
20c98.2118: FileDescription: NT Layer DLL
21c98.2118: \SystemRoot\System32\kernel32.dll:
22c98.2118: CreationTime: 2022-08-23T05:04:56.343099500Z
23c98.2118: LastWriteTime: 2022-08-23T05:04:56.374396100Z
24c98.2118: ChangeTime: 2022-08-23T07:39:27.942674600Z
25c98.2118: FileAttributes: 0x20
26c98.2118: Size: 0xc0058
27c98.2118: NT Headers: 0xf8
28c98.2118: Timestamp: 0xafec8296
29c98.2118: Machine: 0x8664 - amd64
30c98.2118: Timestamp: 0xafec8296
31c98.2118: Image Version: 10.0
32c98.2118: SizeOfImage: 0xbd000 (774144)
33c98.2118: Resource Dir: 0xbb000 LB 0x520
34c98.2118: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35c98.2118: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36c98.2118: ProductName: Microsoft® Windows® Operating System
37c98.2118: ProductVersion: 10.0.22000.708
38c98.2118: FileVersion: 10.0.22000.708 (WinBuild.160101.0800)
39c98.2118: FileDescription: Windows NT BASE API Client DLL
40c98.2118: \SystemRoot\System32\KernelBase.dll:
41c98.2118: CreationTime: 2022-08-23T05:05:18.717226800Z
42c98.2118: LastWriteTime: 2022-08-23T05:05:18.967797400Z
43c98.2118: ChangeTime: 2022-08-23T07:39:28.052050900Z
44c98.2118: FileAttributes: 0x20
45c98.2118: Size: 0x384300
46c98.2118: NT Headers: 0xf8
47c98.2118: Timestamp: 0x7efab3dc
48c98.2118: Machine: 0x8664 - amd64
49c98.2118: Timestamp: 0x7efab3dc
50c98.2118: Image Version: 10.0
51c98.2118: SizeOfImage: 0x37d000 (3657728)
52c98.2118: Resource Dir: 0x34d000 LB 0x548
53c98.2118: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54c98.2118: [Raw version resource data: 0x34d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
55c98.2118: ProductName: Microsoft® Windows® Operating System
56c98.2118: ProductVersion: 10.0.22000.832
57c98.2118: FileVersion: 10.0.22000.832 (WinBuild.160101.0800)
58c98.2118: FileDescription: Windows NT BASE API Client DLL
59c98.2118: \SystemRoot\System32\apisetschema.dll:
60c98.2118: CreationTime: 2021-06-05T12:04:59.928787900Z
61c98.2118: LastWriteTime: 2021-06-05T12:04:59.928787900Z
62c98.2118: ChangeTime: 2022-08-23T05:10:48.345749900Z
63c98.2118: FileAttributes: 0x20
64c98.2118: Size: 0x24150
65c98.2118: NT Headers: 0xc8
66c98.2118: Timestamp: 0x68d1dbaf
67c98.2118: Machine: 0x8664 - amd64
68c98.2118: Timestamp: 0x68d1dbaf
69c98.2118: Image Version: 10.0
70c98.2118: SizeOfImage: 0x23000 (143360)
71c98.2118: Resource Dir: 0x22000 LB 0x408
72c98.2118: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73c98.2118: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
74c98.2118: ProductName: Microsoft® Windows® Operating System
75c98.2118: ProductVersion: 10.0.22000.1
76c98.2118: FileVersion: 10.0.22000.1 (WinBuild.160101.0800)
77c98.2118: FileDescription: ApiSet Schema DLL
78c98.2118: Found driver cfwids (0x20)
79c98.2118: Found driver mfencbdc (0x20)
80c98.2118: Found driver mfewfpk (0x20)
81c98.2118: Found driver mfehidk (0x20)
82c98.2118: Found driver mfeavfk (0x20)
83c98.2118: Found driver mfefirek (0x20)
84c98.2118: supR3HardenedWinFindAdversaries: 0x20
85c98.2118: \SystemRoot\System32\drivers\cfwids.sys:
86c98.2118: CreationTime: 2021-09-28T22:02:42.000000000Z
87c98.2118: LastWriteTime: 2022-06-09T18:39:00.000000000Z
88c98.2118: ChangeTime: 2022-08-24T08:15:20.667509000Z
89c98.2118: FileAttributes: 0x20
90c98.2118: Size: 0x12860
91c98.2118: NT Headers: 0xe0
92c98.2118: Timestamp: 0x62544d2b
93c98.2118: Machine: 0x8664 - amd64
94c98.2118: Timestamp: 0x62544d2b
95c98.2118: Image Version: 10.0
96c98.2118: SizeOfImage: 0x13000 (77824)
97c98.2118: Resource Dir: 0x11000 LB 0x550
98c98.2118: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
99c98.2118: [Raw version resource data: 0x110a0 LB 0x318, codepage 0x0 (reserved 0x0)]
100c98.2118: ProductName: SYSCORE
101c98.2118: ProductVersion: 22.4.0.226
102c98.2118: FileVersion: SYSCORE.22.4.0.226
103c98.2118: PrivateBuild: SYSCORE.22.4.0.226
104c98.2118: FileDescription: McAfee Personal Firewall IDS Plugin
105c98.2118: \SystemRoot\System32\drivers\mfeavfk.sys:
106c98.2118: CreationTime: 2022-06-09T18:39:00.000000000Z
107c98.2118: LastWriteTime: 2022-06-09T18:39:00.000000000Z
108c98.2118: ChangeTime: 2022-08-28T17:51:22.648106800Z
109c98.2118: FileAttributes: 0x20
110c98.2118: Size: 0x54e68
111c98.2118: NT Headers: 0xf0
112c98.2118: Timestamp: 0x62544d2b
113c98.2118: Machine: 0x8664 - amd64
114c98.2118: Timestamp: 0x62544d2b
115c98.2118: Image Version: 10.0
116c98.2118: SizeOfImage: 0x54000 (344064)
117c98.2118: Resource Dir: 0x52000 LB 0x758
118c98.2118: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
119c98.2118: [Raw version resource data: 0x52110 LB 0x334, codepage 0x0 (reserved 0x0)]
120c98.2118: ProductName: SYSCORE
121c98.2118: ProductVersion: 22.4.0.226
122c98.2118: FileVersion: SYSCORE.22.4.0.226
123c98.2118: PrivateBuild: SYSCORE.22.4.0.226 F15,F16,F19
124c98.2118: FileDescription: Anti-Virus File System Filter Driver
125c98.2118: \SystemRoot\System32\drivers\mfefirek.sys:
126c98.2118: CreationTime: 2021-09-28T22:02:42.000000000Z
127c98.2118: LastWriteTime: 2022-06-09T18:39:14.000000000Z
128c98.2118: ChangeTime: 2022-08-24T08:15:19.882509100Z
129c98.2118: FileAttributes: 0x20
130c98.2118: Size: 0x6c268
131c98.2118: NT Headers: 0xd8
132c98.2118: Timestamp: 0x62544d54
133c98.2118: Machine: 0x8664 - amd64
134c98.2118: Timestamp: 0x62544d54
135c98.2118: Image Version: 10.0
136c98.2118: SizeOfImage: 0x6c000 (442368)
137c98.2118: Resource Dir: 0x6a000 LB 0x388
138c98.2118: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
139c98.2118: [Raw version resource data: 0x6a060 LB 0x328, codepage 0x0 (reserved 0x0)]
140c98.2118: ProductName: SYSCORE
141c98.2118: ProductVersion: 22.4.0.226
142c98.2118: FileVersion: SYSCORE.22.4.0.226
143c98.2118: PrivateBuild: SYSCORE.22.4.0.226 F17,F18
144c98.2118: FileDescription: McAfee Core Firewall Engine Driver
145c98.2118: \SystemRoot\System32\drivers\mfehidk.sys:
146c98.2118: CreationTime: 2021-09-28T22:02:40.000000000Z
147c98.2118: LastWriteTime: 2022-06-09T18:39:14.000000000Z
148c98.2118: ChangeTime: 2022-08-24T07:47:34.144476400Z
149c98.2118: FileAttributes: 0x20
150c98.2118: Size: 0xdfc80
151c98.2118: NT Headers: 0xf0
152c98.2118: Timestamp: 0x62544e36
153c98.2118: Machine: 0x8664 - amd64
154c98.2118: Timestamp: 0x62544e36
155c98.2118: Image Version: 10.0
156c98.2118: SizeOfImage: 0xe9000 (954368)
157c98.2118: Resource Dir: 0xe6000 LB 0x780
158c98.2118: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
159c98.2118: [Raw version resource data: 0xe6110 LB 0x320, codepage 0x0 (reserved 0x0)]
160c98.2118: ProductName: SYSCORE
161c98.2118: ProductVersion: 22.4.0.226
162c98.2118: FileVersion: SYSCORE.22.4.0.226
163c98.2118: PrivateBuild: SYSCORE.22.4.0.226 F14,F15,F16,F18,F20
164c98.2118: FileDescription: McAfee Link Driver
165c98.2118: \SystemRoot\System32\drivers\mfencbdc.sys:
166c98.2118: CreationTime: 2022-06-01T14:25:20.000000000Z
167c98.2118: LastWriteTime: 2022-06-01T14:25:20.000000000Z
168c98.2118: ChangeTime: 2022-08-28T17:51:22.663731300Z
169c98.2118: FileAttributes: 0x20
170c98.2118: Size: 0x9f678
171c98.2118: NT Headers: 0xd8
172c98.2118: Timestamp: 0x62452dd6
173c98.2118: Machine: 0x8664 - amd64
174c98.2118: Timestamp: 0x62452dd6
175c98.2118: Image Version: 10.0
176c98.2118: SizeOfImage: 0xb2000 (729088)
177c98.2118: Resource Dir: 0xb0000 LB 0x3e0
178c98.2118: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
179c98.2118: [Raw version resource data: 0xb0060 LB 0x380, codepage 0x0 (reserved 0x0)]
180c98.2118: ProductName: Anti-Malware Core
181c98.2118: ProductVersion: 22.4.0
182c98.2118: FileVersion: Anti-Malware Core.22.4.0.479
183c98.2118: PrivateBuild: Anti-Malware Core.22.4.0.479
184c98.2118: FileDescription: Event Driver
185c98.2118: \SystemRoot\System32\drivers\mfewfpk.sys:
186c98.2118: CreationTime: 2021-09-28T22:02:42.000000000Z
187c98.2118: LastWriteTime: 2022-06-09T18:39:14.000000000Z
188c98.2118: ChangeTime: 2022-08-24T06:57:40.275170800Z
189c98.2118: FileAttributes: 0x20
190c98.2118: Size: 0x38c68
191c98.2118: NT Headers: 0xe0
192c98.2118: Timestamp: 0x62544d36
193c98.2118: Machine: 0x8664 - amd64
194c98.2118: Timestamp: 0x62544d36
195c98.2118: Image Version: 10.0
196c98.2118: SizeOfImage: 0x53000 (339968)
197c98.2118: Resource Dir: 0x51000 LB 0x380
198c98.2118: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
199c98.2118: [Raw version resource data: 0x51060 LB 0x320, codepage 0x0 (reserved 0x0)]
200c98.2118: ProductName: SYSCORE
201c98.2118: ProductVersion: 22.4.0.226
202c98.2118: FileVersion: SYSCORE.22.4.0.226
203c98.2118: PrivateBuild: SYSCORE.22.4.0.226 F17,F18
204c98.2118: FileDescription: Anti-Virus Mini-Firewall Driver
205c98.2118: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
206c98.2118: Calling main()
207c98.2118: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
208c98.2118: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
209c98.2118: SUPR3HardenedMain: Respawn #1
210c98.2118: System32: \Device\HarddiskVolume3\Windows\System32
211c98.2118: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
212c98.2118: KnownDllPath: C:\windows\System32
213c98.2118: supR3HardenedWinInit: Performing a limited self purification...
214c98.2118: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
215c98.2118: *0000000000000000-0000000000e6ffff 0x0001/0x0000 0x0000000
216c98.2118: *0000000000e70000-0000000000e70fff 0x0002/0x0002 0x0040000
217c98.2118: 0000000000e71000-0000000000e7ffff 0x0001/0x0000 0x0000000
218c98.2118: *0000000000e80000-0000000000e80fff 0x0002/0x0002 0x0040000
219c98.2118: 0000000000e81000-0000000000e8ffff 0x0001/0x0000 0x0000000
220c98.2118: *0000000000e90000-0000000000eaefff 0x0002/0x0002 0x0040000
221c98.2118: 0000000000eaf000-0000000000eaffff 0x0001/0x0000 0x0000000
222c98.2118: *0000000000eb0000-0000000000f60fff 0x0000/0x0004 0x0020000
223c98.2118: 0000000000f61000-0000000000f63fff 0x0104/0x0004 0x0020000
224c98.2118: 0000000000f64000-0000000000faffff 0x0004/0x0004 0x0020000
225c98.2118: *0000000000fb0000-0000000000fb3fff 0x0002/0x0002 0x0040000
226c98.2118: 0000000000fb4000-0000000000fbffff 0x0001/0x0000 0x0000000
227c98.2118: *0000000000fc0000-0000000000fc1fff 0x0004/0x0004 0x0020000
228c98.2118: 0000000000fc2000-0000000000fcffff 0x0001/0x0000 0x0000000
229c98.2118: *0000000000fd0000-0000000000fe0fff 0x0002/0x0002 0x0040000
230c98.2118: 0000000000fe1000-0000000000feffff 0x0001/0x0000 0x0000000
231c98.2118: *0000000000ff0000-0000000000ff2fff 0x0002/0x0002 0x0040000
232c98.2118: 0000000000ff3000-0000000000ffffff 0x0001/0x0000 0x0000000
233c98.2118: *0000000001000000-00000000010d2fff 0x0000/0x0004 0x0020000
234c98.2118: 00000000010d3000-00000000010d5fff 0x0004/0x0004 0x0020000
235c98.2118: 00000000010d6000-00000000011fffff 0x0000/0x0004 0x0020000
236c98.2118: *0000000001200000-0000000001210fff 0x0002/0x0002 0x0040000
237c98.2118: 0000000001211000-000000000121ffff 0x0001/0x0000 0x0000000
238c98.2118: *0000000001220000-0000000001220fff 0x0002/0x0002 0x0040000
239c98.2118: 0000000001221000-000000000122ffff 0x0001/0x0000 0x0000000
240c98.2118: *0000000001230000-0000000001245fff 0x0004/0x0004 0x0020000
241c98.2118: 0000000001246000-000000000132ffff 0x0000/0x0004 0x0020000
242c98.2118: *0000000001330000-0000000001331fff 0x0004/0x0004 0x0020000
243c98.2118: 0000000001332000-0000000001391fff 0x0000/0x0004 0x0020000
244c98.2118: 0000000001392000-000000000139ffff 0x0001/0x0000 0x0000000
245c98.2118: *00000000013a0000-00000000013affff 0x0004/0x0004 0x0040000
246c98.2118: *00000000013b0000-00000000013b2fff 0x0002/0x0002 0x0040000
247c98.2118: 00000000013b3000-00000000013bffff 0x0001/0x0000 0x0000000
248c98.2118: *00000000013c0000-000000000148dfff 0x0002/0x0002 0x0040000
249c98.2118: 000000000148e000-000000000148ffff 0x0001/0x0000 0x0000000
250c98.2118: *0000000001490000-00000000014a0fff 0x0002/0x0002 0x0040000
251c98.2118: 00000000014a1000-00000000014affff 0x0001/0x0000 0x0000000
252c98.2118: *00000000014b0000-00000000014c0fff 0x0002/0x0002 0x0040000
253c98.2118: 00000000014c1000-00000000014cffff 0x0001/0x0000 0x0000000
254c98.2118: *00000000014d0000-00000000014d1fff 0x0004/0x0004 0x0020000
255c98.2118: 00000000014d2000-0000000001531fff 0x0000/0x0004 0x0020000
256c98.2118: 0000000001532000-000000000154ffff 0x0001/0x0000 0x0000000
257c98.2118: *0000000001550000-000000000155efff 0x0004/0x0004 0x0020000
258c98.2118: 000000000155f000-000000000155ffff 0x0000/0x0004 0x0020000
259c98.2118: *0000000001560000-0000000001563fff 0x0000/0x0004 0x0020000
260c98.2118: 0000000001564000-000000000176dfff 0x0004/0x0004 0x0020000
261c98.2118: 000000000176e000-000000000176efff 0x0000/0x0004 0x0020000
262c98.2118: 000000000176f000-000000000176ffff 0x0001/0x0000 0x0000000
263c98.2118: *0000000001770000-000000000179bfff 0x0004/0x0004 0x0020000
264c98.2118: 000000000179c000-000000000186ffff 0x0000/0x0004 0x0020000
265c98.2118: 0000000001870000-000000007ffdffff 0x0001/0x0000 0x0000000
266c98.2118: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
267c98.2118: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
268c98.2118: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
269c98.2118: 000000007fff0000-00007ff4df3dffff 0x0001/0x0000 0x0000000
270c98.2118: *00007ff4df3e0000-00007ff4df3e4fff 0x0002/0x0002 0x0040000
271c98.2118: 00007ff4df3e5000-00007ff4df4dffff 0x0000/0x0002 0x0040000
272c98.2118: *00007ff4df4e0000-00007ff5df4fffff 0x0000/0x0004 0x0020000
273c98.2118: *00007ff5df500000-00007ff5e14fffff 0x0000/0x0004 0x0020000
274c98.2118: 00007ff5e1500000-00007ff5e1500fff 0x0004/0x0004 0x0020000
275c98.2118: 00007ff5e1501000-00007ff5e150ffff 0x0001/0x0000 0x0000000
276c98.2118: *00007ff5e1510000-00007ff5e1510fff 0x0002/0x0002 0x0040000
277c98.2118: 00007ff5e1511000-00007ff79c2affff 0x0001/0x0000 0x0000000
278c98.2118: *00007ff79c2b0000-00007ff79c2b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
279c98.2118: 00007ff79c2b1000-00007ff79c328fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
280c98.2118: 00007ff79c329000-00007ff79c329fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
281c98.2118: 00007ff79c32a000-00007ff79c373fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
282c98.2118: 00007ff79c374000-00007ff79c376fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
283c98.2118: 00007ff79c377000-00007ff79c379fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
284c98.2118: 00007ff79c37a000-00007ff79c37cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
285c98.2118: 00007ff79c37d000-00007ff79c37dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
286c98.2118: 00007ff79c37e000-00007ff79c37ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
287c98.2118: 00007ff79c380000-00007ff79c380fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
288c98.2118: 00007ff79c381000-00007ff79c3c9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
289c98.2118: 00007ff79c3ca000-00007ff8639effff 0x0001/0x0000 0x0000000
290c98.2118: *00007ff8639f0000-00007ff8639f0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll
291c98.2118: 00007ff8639f1000-00007ff863a3efff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll
292c98.2118: 00007ff863a3f000-00007ff863a60fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll
293c98.2118: 00007ff863a61000-00007ff863a63fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll
294c98.2118: 00007ff863a64000-00007ff863a80fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\apphelp.dll
295c98.2118: 00007ff863a81000-00007ff866cbffff 0x0001/0x0000 0x0000000
296c98.2118: *00007ff866cc0000-00007ff866cc0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
297c98.2118: 00007ff866cc1000-00007ff866e39fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
298c98.2118: 00007ff866e3a000-00007ff866feefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
299c98.2118: 00007ff866fef000-00007ff866ff3fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
300c98.2118: 00007ff866ff4000-00007ff86703cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
301c98.2118: 00007ff86703d000-00007ff86811ffff 0x0001/0x0000 0x0000000
302c98.2118: *00007ff868120000-00007ff868120fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
303c98.2118: 00007ff868121000-00007ff86819dfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
304c98.2118: 00007ff86819e000-00007ff8681d1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
305c98.2118: 00007ff8681d2000-00007ff8681d2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
306c98.2118: 00007ff8681d3000-00007ff8681d3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
307c98.2118: 00007ff8681d4000-00007ff8681dcfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
308c98.2118: 00007ff8681dd000-00007ff86935ffff 0x0001/0x0000 0x0000000
309c98.2118: *00007ff869360000-00007ff869360fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
310c98.2118: 00007ff869361000-00007ff86948bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
311c98.2118: 00007ff86948c000-00007ff8694d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
312c98.2118: 00007ff8694d4000-00007ff8694d4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
313c98.2118: 00007ff8694d5000-00007ff8694d6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
314c98.2118: 00007ff8694d7000-00007ff8694dffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
315c98.2118: 00007ff8694e0000-00007ff869568fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
316c98.2118: 00007ff869569000-00007ffffffeffff 0x0001/0x0000 0x0000000
317c98.2118: kernel32.dll: timestamp 0xafec8296 (rc=VINF_SUCCESS)
318c98.2118: kernelbase.dll: timestamp 0x7efab3dc (rc=VINF_SUCCESS)
319c98.2118: apphelp.dll: timestamp 0x3c3af44a (rc=VINF_SUCCESS)
320c98.2118: VirtualBoxVM.exe: timestamp 0x6310b1ca (rc=VINF_SUCCESS)
321c98.2118: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
322c98.2118: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
323c98.2118: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
324c98.2118: kernel32.dll: Differences in section #2 (.rdata) between file and memory:
325c98.2118: 00007ff8681a18d8 / 0x00818d8: 10 != 00
326c98.2118: 00007ff8681a18d9 / 0x00818d9: 4c != 24
327c98.2118: 00007ff8681a18da / 0x00818da: 40 != a3
328c98.2118: 00007ff8681a18db / 0x00818db: 69 != 63
329c98.2118: 00007ff8681a1cd0 / 0x0081cd0: 00 != 70
330c98.2118: 00007ff8681a1cd1 / 0x0081cd1: 45 != 23
331c98.2118: 00007ff8681a1cd2 / 0x0081cd2: 40 != a3
332c98.2118: 00007ff8681a1cd3 / 0x0081cd3: 69 != 63
333c98.2118: 00007ff8681a1e60 / 0x0081e60: c0 != 80
334c98.2118: 00007ff8681a1e61 / 0x0081e61: 4a != 21
335c98.2118: 00007ff8681a1e62 / 0x0081e62: 40 != a3
336c98.2118: 00007ff8681a1e63 / 0x0081e63: 69 != 63
337c98.2118: Restored 0x2000 bytes of original file content at 00007ff8681a0000
338c98.2118: kernel32.dll: Differences in section #2 (.rdata) between file and memory:
339c98.2118: 00007ff8681a2268 / 0x0082268: c0 != 80
340c98.2118: 00007ff8681a2269 / 0x0082269: 4a != 21
341c98.2118: 00007ff8681a226a / 0x008226a: 40 != a3
342c98.2118: 00007ff8681a226b / 0x008226b: 69 != 63
343c98.2118: Restored 0x2000 bytes of original file content at 00007ff8681a2000
344c98.2118: kernelbase.dll: Differences in section #2 (.rdata) between file and memory:
345c98.2118: 00007ff866f03608 / 0x0243608: 00 != 70
346c98.2118: 00007ff866f03609 / 0x0243609: 45 != 23
347c98.2118: 00007ff866f0360a / 0x024360a: 40 != a3
348c98.2118: 00007ff866f0360b / 0x024360b: 69 != 63
349c98.2118: 00007ff866f03640 / 0x0243640: c0 != 80
350c98.2118: 00007ff866f03641 / 0x0243641: 4a != 21
351c98.2118: 00007ff866f03642 / 0x0243642: 40 != a3
352c98.2118: 00007ff866f03643 / 0x0243643: 69 != 63
353c98.2118: 00007ff866f03778 / 0x0243778: 10 != 00
354c98.2118: 00007ff866f03779 / 0x0243779: 4c != 24
355c98.2118: 00007ff866f0377a / 0x024377a: 40 != a3
356c98.2118: 00007ff866f0377b / 0x024377b: 69 != 63
357c98.2118: 00007ff866f03f38 / 0x0243f38: 10 != 00
358c98.2118: 00007ff866f03f39 / 0x0243f39: 4c != 24
359c98.2118: 00007ff866f03f3a / 0x0243f3a: 40 != a3
360c98.2118: 00007ff866f03f3b / 0x0243f3b: 69 != 63
361c98.2118: Restored 0x2000 bytes of original file content at 00007ff866f02000
362c98.2118: apphelp.dll: Differences in section #2 (.rdata) between file and memory:
363c98.2118: 00007ff863a40fb8 / 0x0050fb8: 10 != d0
364c98.2118: 00007ff863a40fb9 / 0x0050fb9: 81 != 2b
365c98.2118: 00007ff863a40fba / 0x0050fba: d1 != 14
366c98.2118: 00007ff863a40fbb / 0x0050fbb: 66 != 68
367c98.2118: 00007ff863a40fc0 / 0x0050fc0: 00 != b0
368c98.2118: 00007ff863a40fc1 / 0x0050fc1: ba != aa
369c98.2118: 00007ff863a40fc2 / 0x0050fc2: d2 != 13
370c98.2118: 00007ff863a40fc3 / 0x0050fc3: 66 != 68
371c98.2118: 00007ff863a40fc8 / 0x0050fc8: 10 != e0
372c98.2118: 00007ff863a40fc9 / 0x0050fc9: 1a != 2b
373c98.2118: 00007ff863a40fca / 0x0050fca: d1 != 14
374c98.2118: 00007ff863a40fcb / 0x0050fcb: 66 != 68
375c98.2118: 00007ff863a40fd0 / 0x0050fd0: 70 != d0
376c98.2118: 00007ff863a40fd1 / 0x0050fd1: 9b != 93
377c98.2118: 00007ff863a40fd2 / 0x0050fd2: d1 != 13
378c98.2118: 00007ff863a40fd3 / 0x0050fd3: 66 != 68
379c98.2118: 00007ff863a40fd8 / 0x0050fd8: d0 != 70
380c98.2118: 00007ff863a40fd9 / 0x0050fd9: 95 != 61
381c98.2118: 00007ff863a40fda / 0x0050fda: cd != 12
382c98.2118: 00007ff863a40fdb / 0x0050fdb: 66 != 68
383c98.2118: 00007ff863a40fe0 / 0x0050fe0: 20 != 00
384c98.2118: 00007ff863a40fe1 / 0x0050fe1: 12 != f8
385c98.2118: 00007ff863a40fe2 / 0x0050fe2: d3 != 13
386c98.2118: 00007ff863a40fe3 / 0x0050fe3: 66 != 68
387c98.2118: 00007ff863a40fe8 / 0x0050fe8: 20 != 00
388c98.2118: 00007ff863a40fe9 / 0x0050fe9: d3 != a7
389c98.2118: 00007ff863a40fea / 0x0050fea: d1 != 13
390c98.2118: 00007ff863a40feb / 0x0050feb: 66 != 68
391c98.2118: 00007ff863a40ff8 / 0x0050ff8: 30 != f0
392c98.2118: 00007ff863a40ff9 / 0x0050ff9: 4d != 9c
393c98.2118: 00007ff863a40ffa / 0x0050ffa: cf != 13
394c98.2118: 00007ff863a40ffb / 0x0050ffb: 66 != 68
395c98.2118: Restored 0x2000 bytes of original file content at 00007ff863a3f000
396c98.2118: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=4
397c98.2118: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
398c98.2118: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
399c98.2118: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
400c98.2118: supR3HardNtEnableThreadCreationEx:
401c98.2118: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff8693db010 pvNtTerminateThread=00007ff869404a80
402c98.2118: supR3HardenedWinDoReSpawn(1): New child 788c.7bd4 [kernel32].
403c98.2118: supR3HardNtChildGatherData: PebBaseAddress=00000000005ab000 cbPeb=0x388
404c98.2118: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff869360000 uNtDllChildAddr=00007ff869360000
405c98.2118: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff8693db010
406c98.2118: supR3HardenedWinSetupChildInit: Initial context:
407 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff79c2b7900 rdx=00000000005ab000
408 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
409 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
410 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
411 rip=00007ff869364830 rsp=00000000006ffd68 rbp=0000000000000000 ctxflags=0010001b
412 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
413 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
414 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
415 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
416 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
417c98.2118: supR3HardenedWinSetupChildInit: Start child.
418c98.2118: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
419c98.2118: supR3HardNtChildPurify: Startup delay kludge #1/0: 529 ms, 39 sleeps
420c98.2118: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
421c98.2118: *0000000000000000-000000000039ffff 0x0001/0x0000 0x0000000
422c98.2118: *00000000003a0000-00000000003bffff 0x0004/0x0004 0x0020000
423c98.2118: *00000000003c0000-00000000003defff 0x0002/0x0002 0x0040000
424c98.2118: 00000000003df000-00000000003dffff 0x0001/0x0000 0x0000000
425c98.2118: *00000000003e0000-00000000003e3fff 0x0002/0x0002 0x0040000
426c98.2118: 00000000003e4000-00000000003effff 0x0001/0x0000 0x0000000
427c98.2118: *00000000003f0000-00000000003f1fff 0x0004/0x0004 0x0020000
428c98.2118: 00000000003f2000-00000000003fffff 0x0001/0x0000 0x0000000
429c98.2118: *0000000000400000-00000000005aafff 0x0000/0x0004 0x0020000
430c98.2118: 00000000005ab000-00000000005adfff 0x0004/0x0004 0x0020000
431c98.2118: 00000000005ae000-00000000005fffff 0x0000/0x0004 0x0020000
432c98.2118: *0000000000600000-00000000006fafff 0x0000/0x0004 0x0020000
433c98.2118: 00000000006fb000-00000000006fdfff 0x0104/0x0004 0x0020000
434c98.2118: 00000000006fe000-00000000006fffff 0x0004/0x0004 0x0020000
435c98.2118: 0000000000700000-000000007ffdffff 0x0001/0x0000 0x0000000
436c98.2118: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
437c98.2118: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
438c98.2118: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
439c98.2118: 000000007fff0000-00007ff59833ffff 0x0001/0x0000 0x0000000
440c98.2118: *00007ff598340000-00007ff598340fff 0x0002/0x0002 0x0040000
441c98.2118: 00007ff598341000-00007ff79c2affff 0x0001/0x0000 0x0000000
442c98.2118: *00007ff79c2b0000-00007ff79c2b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
443c98.2118: 00007ff79c2b1000-00007ff79c328fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
444c98.2118: 00007ff79c329000-00007ff79c329fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
445c98.2118: 00007ff79c32a000-00007ff79c373fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
446c98.2118: 00007ff79c374000-00007ff79c374fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
447c98.2118: 00007ff79c375000-00007ff79c375fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
448c98.2118: 00007ff79c376000-00007ff79c37afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
449c98.2118: 00007ff79c37b000-00007ff79c37bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
450c98.2118: 00007ff79c37c000-00007ff79c37cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
451c98.2118: 00007ff79c37d000-00007ff79c380fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
452c98.2118: 00007ff79c381000-00007ff79c3c9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
453c98.2118: 00007ff79c3ca000-00007ff86935ffff 0x0001/0x0000 0x0000000
454c98.2118: *00007ff869360000-00007ff869360fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
455c98.2118: 00007ff869361000-00007ff86948bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
456c98.2118: 00007ff86948c000-00007ff8694d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
457c98.2118: 00007ff8694d4000-00007ff8694dffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
458c98.2118: 00007ff8694e0000-00007ff8694eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
459c98.2118: 00007ff8694ef000-00007ff8694effff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
460c98.2118: 00007ff8694f0000-00007ff8694f2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
461c98.2118: 00007ff8694f3000-00007ff869568fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
462c98.2118: 00007ff869569000-00007ffffffeffff 0x0001/0x0000 0x0000000
463c98.2118: supR3HardNtChildPurify: Done after 531 ms and 0 fixes (loop #0).
464788c.7bd4: Log file opened: 6.1.38r153438 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa055f000
465788c.7bd4: supR3HardenedVmProcessInit: uNtDllAddr=00007ff869360000 g_uNtVerCombined=0xa055f000 (stack ~00000000006ff7e8)
466788c.7bd4: ntdll.dll: timestamp 0x3907dfbc (rc=VINF_SUCCESS)
467788c.7bd4: New simple heap: #1 0000000000800000 LB 0x800000 (for 2134016 allocation)
468c98.2118: supR3HardNtEnableThreadCreationEx:
469788c.7bd4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
470788c.7bd4: System32: \Device\HarddiskVolume3\Windows\System32
471788c.7bd4: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
472788c.7bd4: KnownDllPath: C:\windows\System32
473788c.7bd4: supR3HardenedVmProcessInit: Opening vboxsup stub...
474788c.7bd4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
475788c.7bd4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
476788c.7bd4: Registered Dll notification callback with NTDLL.
477788c.7bd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
478788c.7bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
479788c.7bd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
480788c.7bd4: supR3HardenedDllNotificationCallback: load 00007ff866cc0000 LB 0x0037d000 C:\windows\System32\KERNELBASE.dll [fFlags=0x0]
481788c.7bd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
482788c.7bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
483788c.7bd4: supR3HardenedDllNotificationCallback: load 00007ff868120000 LB 0x000bd000 C:\windows\System32\KERNEL32.DLL [fFlags=0x0]
484788c.7bd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
485788c.7bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868120000 'C:\windows\System32\KERNEL32.DLL'
486788c.7bd4: supR3HardenedDllNotificationCallback: load 00007ff79c2b0000 LB 0x0011a000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
487788c.7bd4: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
488788c.7bd4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
489788c.7bd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
490788c.7bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
491788c.7bd4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff8693db010 pvNtTerminateThread=00007ff869404a80
492c98.2118: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 107 ms.
493788c.7bd4: \SystemRoot\System32\ntdll.dll:
494788c.7bd4: CreationTime: 2022-08-23T05:05:16.814581400Z
495788c.7bd4: LastWriteTime: 2022-08-23T05:05:16.908846800Z
496788c.7bd4: ChangeTime: 2022-08-23T07:39:08.803998400Z
497788c.7bd4: FileAttributes: 0x20
498788c.7bd4: Size: 0x207df0
499788c.7bd4: NT Headers: 0xe0
500788c.7bd4: Timestamp: 0x3907dfbc
501788c.7bd4: Machine: 0x8664 - amd64
502788c.7bd4: Timestamp: 0x3907dfbc
503788c.7bd4: Image Version: 10.0
504788c.7bd4: SizeOfImage: 0x209000 (2134016)
505788c.7bd4: Resource Dir: 0x194000 LB 0x73528
506788c.7bd4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
507788c.7bd4: [Raw version resource data: 0x1940f0 LB 0x380, codepage 0x0 (reserved 0x0)]
508788c.7bd4: ProductName: Microsoft® Windows® Operating System
509788c.7bd4: ProductVersion: 10.0.22000.832
510788c.7bd4: FileVersion: 10.0.22000.832 (WinBuild.160101.0800)
511788c.7bd4: FileDescription: NT Layer DLL
512788c.7bd4: \SystemRoot\System32\kernel32.dll:
513788c.7bd4: CreationTime: 2022-08-23T05:04:56.343099500Z
514788c.7bd4: LastWriteTime: 2022-08-23T05:04:56.374396100Z
515788c.7bd4: ChangeTime: 2022-08-23T07:39:27.942674600Z
516788c.7bd4: FileAttributes: 0x20
517788c.7bd4: Size: 0xc0058
518788c.7bd4: NT Headers: 0xf8
519788c.7bd4: Timestamp: 0xafec8296
520788c.7bd4: Machine: 0x8664 - amd64
521788c.7bd4: Timestamp: 0xafec8296
522788c.7bd4: Image Version: 10.0
523788c.7bd4: SizeOfImage: 0xbd000 (774144)
524788c.7bd4: Resource Dir: 0xbb000 LB 0x520
525788c.7bd4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
526788c.7bd4: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
527788c.7bd4: ProductName: Microsoft® Windows® Operating System
528788c.7bd4: ProductVersion: 10.0.22000.708
529788c.7bd4: FileVersion: 10.0.22000.708 (WinBuild.160101.0800)
530788c.7bd4: FileDescription: Windows NT BASE API Client DLL
531788c.7bd4: \SystemRoot\System32\KernelBase.dll:
532788c.7bd4: CreationTime: 2022-08-23T05:05:18.717226800Z
533788c.7bd4: LastWriteTime: 2022-08-23T05:05:18.967797400Z
534788c.7bd4: ChangeTime: 2022-08-23T07:39:28.052050900Z
535788c.7bd4: FileAttributes: 0x20
536788c.7bd4: Size: 0x384300
537788c.7bd4: NT Headers: 0xf8
538788c.7bd4: Timestamp: 0x7efab3dc
539788c.7bd4: Machine: 0x8664 - amd64
540788c.7bd4: Timestamp: 0x7efab3dc
541788c.7bd4: Image Version: 10.0
542788c.7bd4: SizeOfImage: 0x37d000 (3657728)
543788c.7bd4: Resource Dir: 0x34d000 LB 0x548
544788c.7bd4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
545788c.7bd4: [Raw version resource data: 0x34d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
546788c.7bd4: ProductName: Microsoft® Windows® Operating System
547788c.7bd4: ProductVersion: 10.0.22000.832
548788c.7bd4: FileVersion: 10.0.22000.832 (WinBuild.160101.0800)
549788c.7bd4: FileDescription: Windows NT BASE API Client DLL
550788c.7bd4: \SystemRoot\System32\apisetschema.dll:
551788c.7bd4: CreationTime: 2021-06-05T12:04:59.928787900Z
552788c.7bd4: LastWriteTime: 2021-06-05T12:04:59.928787900Z
553788c.7bd4: ChangeTime: 2022-08-23T05:10:48.345749900Z
554788c.7bd4: FileAttributes: 0x20
555788c.7bd4: Size: 0x24150
556788c.7bd4: NT Headers: 0xc8
557788c.7bd4: Timestamp: 0x68d1dbaf
558788c.7bd4: Machine: 0x8664 - amd64
559788c.7bd4: Timestamp: 0x68d1dbaf
560788c.7bd4: Image Version: 10.0
561788c.7bd4: SizeOfImage: 0x23000 (143360)
562788c.7bd4: Resource Dir: 0x22000 LB 0x408
563788c.7bd4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
564788c.7bd4: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
565788c.7bd4: ProductName: Microsoft® Windows® Operating System
566788c.7bd4: ProductVersion: 10.0.22000.1
567788c.7bd4: FileVersion: 10.0.22000.1 (WinBuild.160101.0800)
568788c.7bd4: FileDescription: ApiSet Schema DLL
569788c.7bd4: Found driver cfwids (0x20)
570788c.7bd4: Found driver mfencbdc (0x20)
571788c.7bd4: Found driver mfewfpk (0x20)
572788c.7bd4: Found driver mfehidk (0x20)
573788c.7bd4: Found driver mfeavfk (0x20)
574788c.7bd4: Found driver mfefirek (0x20)
575788c.7bd4: supR3HardenedWinFindAdversaries: 0x20
576788c.7bd4: \SystemRoot\System32\drivers\cfwids.sys:
577788c.7bd4: CreationTime: 2021-09-28T22:02:42.000000000Z
578788c.7bd4: LastWriteTime: 2022-06-09T18:39:00.000000000Z
579788c.7bd4: ChangeTime: 2022-08-24T08:15:20.667509000Z
580788c.7bd4: FileAttributes: 0x20
581788c.7bd4: Size: 0x12860
582788c.7bd4: NT Headers: 0xe0
583788c.7bd4: Timestamp: 0x62544d2b
584788c.7bd4: Machine: 0x8664 - amd64
585788c.7bd4: Timestamp: 0x62544d2b
586788c.7bd4: Image Version: 10.0
587788c.7bd4: SizeOfImage: 0x13000 (77824)
588788c.7bd4: Resource Dir: 0x11000 LB 0x550
589788c.7bd4: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
590788c.7bd4: [Raw version resource data: 0x110a0 LB 0x318, codepage 0x0 (reserved 0x0)]
591788c.7bd4: ProductName: SYSCORE
592788c.7bd4: ProductVersion: 22.4.0.226
593788c.7bd4: FileVersion: SYSCORE.22.4.0.226
594788c.7bd4: PrivateBuild: SYSCORE.22.4.0.226
595788c.7bd4: FileDescription: McAfee Personal Firewall IDS Plugin
596788c.7bd4: \SystemRoot\System32\drivers\mfeavfk.sys:
597788c.7bd4: CreationTime: 2022-06-09T18:39:00.000000000Z
598788c.7bd4: LastWriteTime: 2022-06-09T18:39:00.000000000Z
599788c.7bd4: ChangeTime: 2022-08-28T17:51:22.648106800Z
600788c.7bd4: FileAttributes: 0x20
601788c.7bd4: Size: 0x54e68
602788c.7bd4: NT Headers: 0xf0
603788c.7bd4: Timestamp: 0x62544d2b
604788c.7bd4: Machine: 0x8664 - amd64
605788c.7bd4: Timestamp: 0x62544d2b
606788c.7bd4: Image Version: 10.0
607788c.7bd4: SizeOfImage: 0x54000 (344064)
608788c.7bd4: Resource Dir: 0x52000 LB 0x758
609788c.7bd4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
610788c.7bd4: [Raw version resource data: 0x52110 LB 0x334, codepage 0x0 (reserved 0x0)]
611788c.7bd4: ProductName: SYSCORE
612788c.7bd4: ProductVersion: 22.4.0.226
613788c.7bd4: FileVersion: SYSCORE.22.4.0.226
614788c.7bd4: PrivateBuild: SYSCORE.22.4.0.226 F15,F16,F19
615788c.7bd4: FileDescription: Anti-Virus File System Filter Driver
616788c.7bd4: \SystemRoot\System32\drivers\mfefirek.sys:
617788c.7bd4: CreationTime: 2021-09-28T22:02:42.000000000Z
618788c.7bd4: LastWriteTime: 2022-06-09T18:39:14.000000000Z
619788c.7bd4: ChangeTime: 2022-08-24T08:15:19.882509100Z
620788c.7bd4: FileAttributes: 0x20
621788c.7bd4: Size: 0x6c268
622788c.7bd4: NT Headers: 0xd8
623788c.7bd4: Timestamp: 0x62544d54
624788c.7bd4: Machine: 0x8664 - amd64
625788c.7bd4: Timestamp: 0x62544d54
626788c.7bd4: Image Version: 10.0
627788c.7bd4: SizeOfImage: 0x6c000 (442368)
628788c.7bd4: Resource Dir: 0x6a000 LB 0x388
629788c.7bd4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
630788c.7bd4: [Raw version resource data: 0x6a060 LB 0x328, codepage 0x0 (reserved 0x0)]
631788c.7bd4: ProductName: SYSCORE
632788c.7bd4: ProductVersion: 22.4.0.226
633788c.7bd4: FileVersion: SYSCORE.22.4.0.226
634788c.7bd4: PrivateBuild: SYSCORE.22.4.0.226 F17,F18
635788c.7bd4: FileDescription: McAfee Core Firewall Engine Driver
636788c.7bd4: \SystemRoot\System32\drivers\mfehidk.sys:
637788c.7bd4: CreationTime: 2021-09-28T22:02:40.000000000Z
638788c.7bd4: LastWriteTime: 2022-06-09T18:39:14.000000000Z
639788c.7bd4: ChangeTime: 2022-08-24T07:47:34.144476400Z
640788c.7bd4: FileAttributes: 0x20
641788c.7bd4: Size: 0xdfc80
642788c.7bd4: NT Headers: 0xf0
643788c.7bd4: Timestamp: 0x62544e36
644788c.7bd4: Machine: 0x8664 - amd64
645788c.7bd4: Timestamp: 0x62544e36
646788c.7bd4: Image Version: 10.0
647788c.7bd4: SizeOfImage: 0xe9000 (954368)
648788c.7bd4: Resource Dir: 0xe6000 LB 0x780
649788c.7bd4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
650788c.7bd4: [Raw version resource data: 0xe6110 LB 0x320, codepage 0x0 (reserved 0x0)]
651788c.7bd4: ProductName: SYSCORE
652788c.7bd4: ProductVersion: 22.4.0.226
653788c.7bd4: FileVersion: SYSCORE.22.4.0.226
654788c.7bd4: PrivateBuild: SYSCORE.22.4.0.226 F14,F15,F16,F18,F20
655788c.7bd4: FileDescription: McAfee Link Driver
656788c.7bd4: \SystemRoot\System32\drivers\mfencbdc.sys:
657788c.7bd4: CreationTime: 2022-06-01T14:25:20.000000000Z
658788c.7bd4: LastWriteTime: 2022-06-01T14:25:20.000000000Z
659788c.7bd4: ChangeTime: 2022-08-28T17:51:22.663731300Z
660788c.7bd4: FileAttributes: 0x20
661788c.7bd4: Size: 0x9f678
662788c.7bd4: NT Headers: 0xd8
663788c.7bd4: Timestamp: 0x62452dd6
664788c.7bd4: Machine: 0x8664 - amd64
665788c.7bd4: Timestamp: 0x62452dd6
666788c.7bd4: Image Version: 10.0
667788c.7bd4: SizeOfImage: 0xb2000 (729088)
668788c.7bd4: Resource Dir: 0xb0000 LB 0x3e0
669788c.7bd4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
670788c.7bd4: [Raw version resource data: 0xb0060 LB 0x380, codepage 0x0 (reserved 0x0)]
671788c.7bd4: ProductName: Anti-Malware Core
672788c.7bd4: ProductVersion: 22.4.0
673788c.7bd4: FileVersion: Anti-Malware Core.22.4.0.479
674788c.7bd4: PrivateBuild: Anti-Malware Core.22.4.0.479
675788c.7bd4: FileDescription: Event Driver
676788c.7bd4: \SystemRoot\System32\drivers\mfewfpk.sys:
677788c.7bd4: CreationTime: 2021-09-28T22:02:42.000000000Z
678788c.7bd4: LastWriteTime: 2022-06-09T18:39:14.000000000Z
679788c.7bd4: ChangeTime: 2022-08-24T06:57:40.275170800Z
680788c.7bd4: FileAttributes: 0x20
681788c.7bd4: Size: 0x38c68
682788c.7bd4: NT Headers: 0xe0
683788c.7bd4: Timestamp: 0x62544d36
684788c.7bd4: Machine: 0x8664 - amd64
685788c.7bd4: Timestamp: 0x62544d36
686788c.7bd4: Image Version: 10.0
687788c.7bd4: SizeOfImage: 0x53000 (339968)
688788c.7bd4: Resource Dir: 0x51000 LB 0x380
689788c.7bd4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
690788c.7bd4: [Raw version resource data: 0x51060 LB 0x320, codepage 0x0 (reserved 0x0)]
691788c.7bd4: ProductName: SYSCORE
692788c.7bd4: ProductVersion: 22.4.0.226
693788c.7bd4: FileVersion: SYSCORE.22.4.0.226
694788c.7bd4: PrivateBuild: SYSCORE.22.4.0.226 F17,F18
695788c.7bd4: FileDescription: Anti-Virus Mini-Firewall Driver
696788c.7bd4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
697788c.7bd4: Calling main()
698788c.7bd4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
699788c.7bd4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
700788c.7bd4: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
701788c.7bd4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
702788c.7bd4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
703788c.7bd4: SUPR3HardenedMain: Respawn #2
704788c.7bd4: supR3HardNtEnableThreadCreationEx:
705788c.7bd4: supR3HardenedDllNotificationCallback: load 00007ff868e00000 LB 0x0009e000 C:\windows\System32\sechost.dll [fFlags=0x0]
706788c.7bd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
707788c.7bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
708788c.7bd4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
709788c.7bd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
710788c.7bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
711788c.7bd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
712788c.7bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff869360000 'C:\windows\System32\ntdll.dll'
713788c.7bd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\KernelBase.dll [lacks WinVerifyTrust]
714788c.7bd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\KernelBase.dll (Input=KernelBase, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
715788c.7bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'C:\windows\System32\KernelBase.dll'
716788c.7bd4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll)
717788c.7bd4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll
718788c.7bd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
719788c.7bd4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
720788c.7bd4: supR3HardenedDllNotificationCallback: load 00007ff8639f0000 LB 0x00091000 C:\windows\system32\apphelp.dll [fFlags=0x0]
721788c.7bd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
722788c.7bd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdll.dll [lacks WinVerifyTrust]
723788c.7bd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
724788c.7bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff869360000 'C:\windows\System32\ntdll.dll'
725788c.7bd4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdll.dll [lacks WinVerifyTrust]
726788c.7bd4: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
727788c.7bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff869360000 'C:\windows\System32\ntdll.dll'
728788c.7bd4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8639f0000 'C:\windows\system32\apphelp.dll'
729788c.7bd4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff8693db010 pvNtTerminateThread=00007ff869404a80
730788c.7bd4: supR3HardenedWinDoReSpawn(2): New child 1330.876c [kernel32].
731788c.7bd4: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
732788c.7bd4: supR3HardNtChildGatherData: PebBaseAddress=0000000000c2d000 cbPeb=0x388
733788c.7bd4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff869360000 uNtDllChildAddr=00007ff869360000
734788c.7bd4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff8693db010
735788c.7bd4: supR3HardenedWinSetupChildInit: Initial context:
736 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff79c2b7900 rdx=0000000000c2d000
737 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
738 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
739 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
740 rip=00007ff869364830 rsp=0000000000effb28 rbp=0000000000000000 ctxflags=0010001b
741 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
742 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
743 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
744 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
745 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
746788c.7bd4: kernel32.dll: timestamp 0xafec8296 (rc=VINF_SUCCESS)
747788c.7bd4: supR3HardenedWinSetupChildInit: Start child.
748788c.7bd4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
749788c.7bd4: supR3HardNtChildPurify: Startup delay kludge #1/0: 523 ms, 38 sleeps
750788c.7bd4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
751788c.7bd4: *0000000000000000-0000000000b1ffff 0x0001/0x0000 0x0000000
752788c.7bd4: *0000000000b20000-0000000000b3ffff 0x0004/0x0004 0x0020000
753788c.7bd4: *0000000000b40000-0000000000b5efff 0x0002/0x0002 0x0040000
754788c.7bd4: 0000000000b5f000-0000000000b5ffff 0x0001/0x0000 0x0000000
755788c.7bd4: *0000000000b60000-0000000000b63fff 0x0002/0x0002 0x0040000
756788c.7bd4: 0000000000b64000-0000000000b6ffff 0x0001/0x0000 0x0000000
757788c.7bd4: *0000000000b70000-0000000000b71fff 0x0004/0x0004 0x0020000
758788c.7bd4: 0000000000b72000-0000000000bfffff 0x0001/0x0000 0x0000000
759788c.7bd4: *0000000000c00000-0000000000c2cfff 0x0000/0x0004 0x0020000
760788c.7bd4: 0000000000c2d000-0000000000c2ffff 0x0004/0x0004 0x0020000
761788c.7bd4: 0000000000c30000-0000000000dfffff 0x0000/0x0004 0x0020000
762788c.7bd4: *0000000000e00000-0000000000efafff 0x0000/0x0004 0x0020000
763788c.7bd4: 0000000000efb000-0000000000efdfff 0x0104/0x0004 0x0020000
764788c.7bd4: 0000000000efe000-0000000000efffff 0x0004/0x0004 0x0020000
765788c.7bd4: 0000000000f00000-000000007ffdffff 0x0001/0x0000 0x0000000
766788c.7bd4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
767788c.7bd4: 000000007ffe1000-000000007ffeefff 0x0001/0x0000 0x0000000
768788c.7bd4: *000000007ffef000-000000007ffeffff 0x0002/0x0002 0x0020000
769788c.7bd4: 000000007fff0000-00007ff5b55affff 0x0001/0x0000 0x0000000
770788c.7bd4: *00007ff5b55b0000-00007ff5b55b0fff 0x0002/0x0002 0x0040000
771788c.7bd4: 00007ff5b55b1000-00007ff79c2affff 0x0001/0x0000 0x0000000
772788c.7bd4: *00007ff79c2b0000-00007ff79c2b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
773788c.7bd4: 00007ff79c2b1000-00007ff79c328fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
774788c.7bd4: 00007ff79c329000-00007ff79c329fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
775788c.7bd4: 00007ff79c32a000-00007ff79c373fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
776788c.7bd4: 00007ff79c374000-00007ff79c374fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
777788c.7bd4: 00007ff79c375000-00007ff79c375fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
778788c.7bd4: 00007ff79c376000-00007ff79c37afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
779788c.7bd4: 00007ff79c37b000-00007ff79c37bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
780788c.7bd4: 00007ff79c37c000-00007ff79c37cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
781788c.7bd4: 00007ff79c37d000-00007ff79c380fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
782788c.7bd4: 00007ff79c381000-00007ff79c3c9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
783788c.7bd4: 00007ff79c3ca000-00007ff86935ffff 0x0001/0x0000 0x0000000
784788c.7bd4: *00007ff869360000-00007ff869360fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
785788c.7bd4: 00007ff869361000-00007ff86948bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
786788c.7bd4: 00007ff86948c000-00007ff8694d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
787788c.7bd4: 00007ff8694d4000-00007ff8694dffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
788788c.7bd4: 00007ff8694e0000-00007ff8694eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
789788c.7bd4: 00007ff8694ef000-00007ff8694effff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
790788c.7bd4: 00007ff8694f0000-00007ff8694f2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
791788c.7bd4: 00007ff8694f3000-00007ff869568fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
792788c.7bd4: 00007ff869569000-00007ffffffeffff 0x0001/0x0000 0x0000000
793788c.7bd4: VirtualBoxVM.exe: timestamp 0x6310b1ca (rc=VINF_SUCCESS)
794788c.7bd4: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
795788c.7bd4: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
796788c.7bd4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
797788c.7bd4: supR3HardNtChildPurify: Done after 562 ms and 0 fixes (loop #0).
7981330.876c: Log file opened: 6.1.38r153438 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa055f000
799788c.7bd4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000800000 LB 0x800000)
8001330.876c: supR3HardenedVmProcessInit: uNtDllAddr=00007ff869360000 g_uNtVerCombined=0xa055f000 (stack ~0000000000eff5a8)
801788c.7bd4: supR3HardNtEnableThreadCreationEx:
8021330.876c: ntdll.dll: timestamp 0x3907dfbc (rc=VINF_SUCCESS)
8031330.876c: New simple heap: #1 0000000001000000 LB 0x800000 (for 2134016 allocation)
8041330.876c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
8051330.876c: System32: \Device\HarddiskVolume3\Windows\System32
8061330.876c: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
8071330.876c: KnownDllPath: C:\windows\System32
8081330.876c: supR3HardenedVmProcessInit: Opening vboxsup...
8091330.876c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
8101330.876c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
8111330.876c: Registered Dll notification callback with NTDLL.
8121330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
8131330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
8141330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
8151330.876c: supR3HardenedDllNotificationCallback: load 00007ff866cc0000 LB 0x0037d000 C:\windows\System32\KERNELBASE.dll [fFlags=0x0]
8161330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
8171330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
8181330.876c: supR3HardenedDllNotificationCallback: load 00007ff868120000 LB 0x000bd000 C:\windows\System32\KERNEL32.DLL [fFlags=0x0]
8191330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
8201330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868120000 'C:\windows\System32\KERNEL32.DLL'
8211330.876c: supR3HardenedDllNotificationCallback: load 00007ff79c2b0000 LB 0x0011a000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
8221330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
8231330.876c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
8241330.876c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
8251330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
8261330.876c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff8693db010 pvNtTerminateThread=00007ff869404a80
827788c.7bd4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 141 ms.
8281330.876c: \SystemRoot\System32\ntdll.dll:
8291330.876c: CreationTime: 2022-08-23T05:05:16.814581400Z
8301330.876c: LastWriteTime: 2022-08-23T05:05:16.908846800Z
8311330.876c: ChangeTime: 2022-08-23T07:39:08.803998400Z
8321330.876c: FileAttributes: 0x20
8331330.876c: Size: 0x207df0
8341330.876c: NT Headers: 0xe0
8351330.876c: Timestamp: 0x3907dfbc
8361330.876c: Machine: 0x8664 - amd64
8371330.876c: Timestamp: 0x3907dfbc
8381330.876c: Image Version: 10.0
8391330.876c: SizeOfImage: 0x209000 (2134016)
8401330.876c: Resource Dir: 0x194000 LB 0x73528
8411330.876c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
8421330.876c: [Raw version resource data: 0x1940f0 LB 0x380, codepage 0x0 (reserved 0x0)]
8431330.876c: ProductName: Microsoft® Windows® Operating System
8441330.876c: ProductVersion: 10.0.22000.832
8451330.876c: FileVersion: 10.0.22000.832 (WinBuild.160101.0800)
8461330.876c: FileDescription: NT Layer DLL
8471330.876c: \SystemRoot\System32\kernel32.dll:
8481330.876c: CreationTime: 2022-08-23T05:04:56.343099500Z
8491330.876c: LastWriteTime: 2022-08-23T05:04:56.374396100Z
8501330.876c: ChangeTime: 2022-08-23T07:39:27.942674600Z
8511330.876c: FileAttributes: 0x20
8521330.876c: Size: 0xc0058
8531330.876c: NT Headers: 0xf8
8541330.876c: Timestamp: 0xafec8296
8551330.876c: Machine: 0x8664 - amd64
8561330.876c: Timestamp: 0xafec8296
8571330.876c: Image Version: 10.0
8581330.876c: SizeOfImage: 0xbd000 (774144)
8591330.876c: Resource Dir: 0xbb000 LB 0x520
8601330.876c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
8611330.876c: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
8621330.876c: ProductName: Microsoft® Windows® Operating System
8631330.876c: ProductVersion: 10.0.22000.708
8641330.876c: FileVersion: 10.0.22000.708 (WinBuild.160101.0800)
8651330.876c: FileDescription: Windows NT BASE API Client DLL
8661330.876c: \SystemRoot\System32\KernelBase.dll:
8671330.876c: CreationTime: 2022-08-23T05:05:18.717226800Z
8681330.876c: LastWriteTime: 2022-08-23T05:05:18.967797400Z
8691330.876c: ChangeTime: 2022-08-23T07:39:28.052050900Z
8701330.876c: FileAttributes: 0x20
8711330.876c: Size: 0x384300
8721330.876c: NT Headers: 0xf8
8731330.876c: Timestamp: 0x7efab3dc
8741330.876c: Machine: 0x8664 - amd64
8751330.876c: Timestamp: 0x7efab3dc
8761330.876c: Image Version: 10.0
8771330.876c: SizeOfImage: 0x37d000 (3657728)
8781330.876c: Resource Dir: 0x34d000 LB 0x548
8791330.876c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
8801330.876c: [Raw version resource data: 0x34d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
8811330.876c: ProductName: Microsoft® Windows® Operating System
8821330.876c: ProductVersion: 10.0.22000.832
8831330.876c: FileVersion: 10.0.22000.832 (WinBuild.160101.0800)
8841330.876c: FileDescription: Windows NT BASE API Client DLL
8851330.876c: \SystemRoot\System32\apisetschema.dll:
8861330.876c: CreationTime: 2021-06-05T12:04:59.928787900Z
8871330.876c: LastWriteTime: 2021-06-05T12:04:59.928787900Z
8881330.876c: ChangeTime: 2022-08-23T05:10:48.345749900Z
8891330.876c: FileAttributes: 0x20
8901330.876c: Size: 0x24150
8911330.876c: NT Headers: 0xc8
8921330.876c: Timestamp: 0x68d1dbaf
8931330.876c: Machine: 0x8664 - amd64
8941330.876c: Timestamp: 0x68d1dbaf
8951330.876c: Image Version: 10.0
8961330.876c: SizeOfImage: 0x23000 (143360)
8971330.876c: Resource Dir: 0x22000 LB 0x408
8981330.876c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
8991330.876c: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
9001330.876c: ProductName: Microsoft® Windows® Operating System
9011330.876c: ProductVersion: 10.0.22000.1
9021330.876c: FileVersion: 10.0.22000.1 (WinBuild.160101.0800)
9031330.876c: FileDescription: ApiSet Schema DLL
9041330.876c: Found driver cfwids (0x20)
9051330.876c: Found driver mfencbdc (0x20)
9061330.876c: Found driver mfewfpk (0x20)
9071330.876c: Found driver mfehidk (0x20)
9081330.876c: Found driver mfeavfk (0x20)
9091330.876c: Found driver mfefirek (0x20)
9101330.876c: supR3HardenedWinFindAdversaries: 0x20
9111330.876c: \SystemRoot\System32\drivers\cfwids.sys:
9121330.876c: CreationTime: 2021-09-28T22:02:42.000000000Z
9131330.876c: LastWriteTime: 2022-06-09T18:39:00.000000000Z
9141330.876c: ChangeTime: 2022-08-24T08:15:20.667509000Z
9151330.876c: FileAttributes: 0x20
9161330.876c: Size: 0x12860
9171330.876c: NT Headers: 0xe0
9181330.876c: Timestamp: 0x62544d2b
9191330.876c: Machine: 0x8664 - amd64
9201330.876c: Timestamp: 0x62544d2b
9211330.876c: Image Version: 10.0
9221330.876c: SizeOfImage: 0x13000 (77824)
9231330.876c: Resource Dir: 0x11000 LB 0x550
9241330.876c: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
9251330.876c: [Raw version resource data: 0x110a0 LB 0x318, codepage 0x0 (reserved 0x0)]
9261330.876c: ProductName: SYSCORE
9271330.876c: ProductVersion: 22.4.0.226
9281330.876c: FileVersion: SYSCORE.22.4.0.226
9291330.876c: PrivateBuild: SYSCORE.22.4.0.226
9301330.876c: FileDescription: McAfee Personal Firewall IDS Plugin
9311330.876c: \SystemRoot\System32\drivers\mfeavfk.sys:
9321330.876c: CreationTime: 2022-06-09T18:39:00.000000000Z
9331330.876c: LastWriteTime: 2022-06-09T18:39:00.000000000Z
9341330.876c: ChangeTime: 2022-08-28T17:51:22.648106800Z
9351330.876c: FileAttributes: 0x20
9361330.876c: Size: 0x54e68
9371330.876c: NT Headers: 0xf0
9381330.876c: Timestamp: 0x62544d2b
9391330.876c: Machine: 0x8664 - amd64
9401330.876c: Timestamp: 0x62544d2b
9411330.876c: Image Version: 10.0
9421330.876c: SizeOfImage: 0x54000 (344064)
9431330.876c: Resource Dir: 0x52000 LB 0x758
9441330.876c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
9451330.876c: [Raw version resource data: 0x52110 LB 0x334, codepage 0x0 (reserved 0x0)]
9461330.876c: ProductName: SYSCORE
9471330.876c: ProductVersion: 22.4.0.226
9481330.876c: FileVersion: SYSCORE.22.4.0.226
9491330.876c: PrivateBuild: SYSCORE.22.4.0.226 F15,F16,F19
9501330.876c: FileDescription: Anti-Virus File System Filter Driver
9511330.876c: \SystemRoot\System32\drivers\mfefirek.sys:
9521330.876c: CreationTime: 2021-09-28T22:02:42.000000000Z
9531330.876c: LastWriteTime: 2022-06-09T18:39:14.000000000Z
9541330.876c: ChangeTime: 2022-08-24T08:15:19.882509100Z
9551330.876c: FileAttributes: 0x20
9561330.876c: Size: 0x6c268
9571330.876c: NT Headers: 0xd8
9581330.876c: Timestamp: 0x62544d54
9591330.876c: Machine: 0x8664 - amd64
9601330.876c: Timestamp: 0x62544d54
9611330.876c: Image Version: 10.0
9621330.876c: SizeOfImage: 0x6c000 (442368)
9631330.876c: Resource Dir: 0x6a000 LB 0x388
9641330.876c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
9651330.876c: [Raw version resource data: 0x6a060 LB 0x328, codepage 0x0 (reserved 0x0)]
9661330.876c: ProductName: SYSCORE
9671330.876c: ProductVersion: 22.4.0.226
9681330.876c: FileVersion: SYSCORE.22.4.0.226
9691330.876c: PrivateBuild: SYSCORE.22.4.0.226 F17,F18
9701330.876c: FileDescription: McAfee Core Firewall Engine Driver
9711330.876c: \SystemRoot\System32\drivers\mfehidk.sys:
9721330.876c: CreationTime: 2021-09-28T22:02:40.000000000Z
9731330.876c: LastWriteTime: 2022-06-09T18:39:14.000000000Z
9741330.876c: ChangeTime: 2022-08-24T07:47:34.144476400Z
9751330.876c: FileAttributes: 0x20
9761330.876c: Size: 0xdfc80
9771330.876c: NT Headers: 0xf0
9781330.876c: Timestamp: 0x62544e36
9791330.876c: Machine: 0x8664 - amd64
9801330.876c: Timestamp: 0x62544e36
9811330.876c: Image Version: 10.0
9821330.876c: SizeOfImage: 0xe9000 (954368)
9831330.876c: Resource Dir: 0xe6000 LB 0x780
9841330.876c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
9851330.876c: [Raw version resource data: 0xe6110 LB 0x320, codepage 0x0 (reserved 0x0)]
9861330.876c: ProductName: SYSCORE
9871330.876c: ProductVersion: 22.4.0.226
9881330.876c: FileVersion: SYSCORE.22.4.0.226
9891330.876c: PrivateBuild: SYSCORE.22.4.0.226 F14,F15,F16,F18,F20
9901330.876c: FileDescription: McAfee Link Driver
9911330.876c: \SystemRoot\System32\drivers\mfencbdc.sys:
9921330.876c: CreationTime: 2022-06-01T14:25:20.000000000Z
9931330.876c: LastWriteTime: 2022-06-01T14:25:20.000000000Z
9941330.876c: ChangeTime: 2022-08-28T17:51:22.663731300Z
9951330.876c: FileAttributes: 0x20
9961330.876c: Size: 0x9f678
9971330.876c: NT Headers: 0xd8
9981330.876c: Timestamp: 0x62452dd6
9991330.876c: Machine: 0x8664 - amd64
10001330.876c: Timestamp: 0x62452dd6
10011330.876c: Image Version: 10.0
10021330.876c: SizeOfImage: 0xb2000 (729088)
10031330.876c: Resource Dir: 0xb0000 LB 0x3e0
10041330.876c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
10051330.876c: [Raw version resource data: 0xb0060 LB 0x380, codepage 0x0 (reserved 0x0)]
10061330.876c: ProductName: Anti-Malware Core
10071330.876c: ProductVersion: 22.4.0
10081330.876c: FileVersion: Anti-Malware Core.22.4.0.479
10091330.876c: PrivateBuild: Anti-Malware Core.22.4.0.479
10101330.876c: FileDescription: Event Driver
10111330.876c: \SystemRoot\System32\drivers\mfewfpk.sys:
10121330.876c: CreationTime: 2021-09-28T22:02:42.000000000Z
10131330.876c: LastWriteTime: 2022-06-09T18:39:14.000000000Z
10141330.876c: ChangeTime: 2022-08-24T06:57:40.275170800Z
10151330.876c: FileAttributes: 0x20
10161330.876c: Size: 0x38c68
10171330.876c: NT Headers: 0xe0
10181330.876c: Timestamp: 0x62544d36
10191330.876c: Machine: 0x8664 - amd64
10201330.876c: Timestamp: 0x62544d36
10211330.876c: Image Version: 10.0
10221330.876c: SizeOfImage: 0x53000 (339968)
10231330.876c: Resource Dir: 0x51000 LB 0x380
10241330.876c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
10251330.876c: [Raw version resource data: 0x51060 LB 0x320, codepage 0x0 (reserved 0x0)]
10261330.876c: ProductName: SYSCORE
10271330.876c: ProductVersion: 22.4.0.226
10281330.876c: FileVersion: SYSCORE.22.4.0.226
10291330.876c: PrivateBuild: SYSCORE.22.4.0.226 F17,F18
10301330.876c: FileDescription: Anti-Virus Mini-Firewall Driver
10311330.876c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
10321330.876c: Calling main()
10331330.876c: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
10341330.876c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
10351330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
10361330.876c: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
10371330.876c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
10381330.876c: SUPR3HardenedMain: Final process, opening VBoxDrv...
10391330.876c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001000000 LB 0x800000)
10401330.876c: supR3HardNtEnableThreadCreationEx:
10411330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll: Signature #1/2: info status: 24202
10421330.876c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
10431330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
10441330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10451330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
10461330.876c: supR3HardenedDllNotificationCallback: load 00007ff862390000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
10471330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
10481330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
10491330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10501330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff862390000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
10511330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
10521330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10531330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff862390000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
10541330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff862390000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
10551330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
10561330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
10571330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
10581330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
10591330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10601330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10611330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
10621330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
10631330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
10641330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
10651330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
10661330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
10671330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10681330.876c: supR3HardenedDllNotificationCallback: load 00007ff867b60000 LB 0x000a3000 C:\windows\System32\msvcrt.dll [fFlags=0x0]
10691330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
10701330.876c: supR3HardenedDllNotificationCallback: load 00007ff8681e0000 LB 0x00120000 C:\windows\System32\RPCRT4.dll [fFlags=0x0]
10711330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
10721330.876c: supR3HardenedDllNotificationCallback: load 00007ff867180000 LB 0x00067000 C:\windows\System32\Wintrust.dll [fFlags=0x0]
10731330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
10741330.876c: supR3HardenedDllNotificationCallback: load 00007ff866ba0000 LB 0x00111000 C:\windows\System32\ucrtbase.dll [fFlags=0x0]
10751330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll)
10761330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll
10771330.876c: supR3HardenedDllNotificationCallback: load 00007ff866840000 LB 0x00162000 C:\windows\System32\CRYPT32.dll [fFlags=0x0]
10781330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
10791330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
10801330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
10811330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10821330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-synch-l1-2-0'
10831330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
10841330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10851330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-fibers-l1-1-1'
10861330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
10871330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10881330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-synch-l1-2-0'
10891330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
10901330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
10911330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-localization-l1-2-1'
10921330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
10931330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
10941330.876c: supR3HardenedDllNotificationCallback: load 00007ff866100000 LB 0x00012000 C:\windows\SYSTEM32\MSASN1.dll [fFlags=0x0]
10951330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
10961330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867180000 'C:\windows\system32\Wintrust.dll'
10971330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
10981330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
10991330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
11001330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
11011330.876c: supR3HardenedDllNotificationCallback: load 00007ff866220000 LB 0x00027000 C:\windows\system32\bcrypt.dll [fFlags=0x0]
11021330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
11031330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866220000 'C:\windows\system32\bcrypt.dll'
11041330.876c: bcrypt.dll loaded at 00007ff866220000, BCryptOpenAlgorithmProvider at 00007ff866225a30, preloading providers:
11051330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
11061330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
11071330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11081330.876c: supR3HardenedDllNotificationCallback: load 00007ff867100000 LB 0x0007f000 C:\windows\System32\bcryptprimitives.dll [fFlags=0x0]
11091330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
11101330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867100000 'C:\windows\system32\bcryptprimitives.dll'
11111330.876c: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=000000000195fd30)
11121330.876c: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000001961b10)
11131330.876c: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000001961e60)
11141330.876c: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=00000000019621b0)
11151330.876c: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000001962500)
11161330.876c: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000001962850)
11171330.876c: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000001962ba0)
11181330.876c: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000001962ef0)
11191330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
11201330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
11211330.876c: supR3HardenedDllNotificationCallback: load 00007ff8660a0000 LB 0x00018000 C:\windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
11221330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
11231330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
11241330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
11251330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11261330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11271330.876c: supR3HardenedDllNotificationCallback: load 00007ff8658e0000 LB 0x00035000 C:\windows\system32\rsaenh.dll [fFlags=0x0]
11281330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11291330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
11301330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
11311330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
11321330.876c: supR3HardenedDllNotificationCallback: load 00007ff8660c0000 LB 0x0000c000 C:\windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
11331330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
11341330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
11351330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11361330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868120000 'C:\windows\System32\kernel32.dll'
11371330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
11381330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11391330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867180000 'C:\windows\System32\WINTRUST.DLL'
11401330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
11411330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11421330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\CRYPT32.dll'
11431330.876c: supR3HardenedDllNotificationCallback: load 00007ff867920000 LB 0x0001f000 C:\windows\System32\imagehlp.dll [fFlags=0x0]
11441330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
11451330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
11461330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
11471330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11481330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
11491330.876c: supR3HardenedDllNotificationCallback: load 00007ff868e00000 LB 0x0009e000 C:\windows\System32\sechost.dll [fFlags=0x0]
11501330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
11511330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
11521330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11531330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
11541330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
11551330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
11561330.876c: supR3HardenedDllNotificationCallback: load 00007ff865e80000 LB 0x00024000 C:\windows\SYSTEM32\gpapi.dll [fFlags=0x0]
11571330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
11581330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
11591330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
11601330.876c: supR3HardenedDllNotificationCallback: load 00007ff866770000 LB 0x00021000 C:\windows\SYSTEM32\profapi.dll [fFlags=0x0]
11611330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
11621330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
11631330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
11641330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
11651330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
11661330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
11671330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
11681330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
11691330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11701330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11711330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11721330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
11731330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
11741330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
11751330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
11761330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
11771330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
11781330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11791330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11801330.876c: supR3HardenedDllNotificationCallback: load 00007ff8582e0000 LB 0x00031000 C:\windows\System32\cryptnet.dll [fFlags=0x0]
11811330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11821330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11831330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11841330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
11851330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11861330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11871330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
11881330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11891330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11901330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
11911330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11921330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11931330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
11941330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11951330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11961330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
11971330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
11981330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
11991330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
12001330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12011330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
12021330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12031330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
12041330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12051330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
12061330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12071330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
12081330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12091330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
12101330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\windows\System32\cryptnet.dll'
12111330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
12121330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8582e0000 'C:\Windows\System32\cryptnet.dll'
12131330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
12141330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12151330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12161330.876c: supR3HardenedDllNotificationCallback: load 00007ff868310000 LB 0x000ae000 C:\windows\System32\advapi32.dll [fFlags=0x0]
12171330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
12181330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
12191330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
12201330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
12211330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
12221330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12231330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
12241330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
12251330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12261330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
12271330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
12281330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
12291330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
12301330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
12311330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
12321330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12331330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12341330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
12351330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12361330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12371330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
12381330.876c: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000019cf8e0
12391330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
12401330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E517A0D9FA618F1F9FA337F7B1A5C9354F6D0C78
12411330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
12421330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12431330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8681e0000 'C:\windows\System32\rpcrt4.dll'
12441330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12451330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12461330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12471330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
12481330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12491330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12501330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\SystemRoot\System32\ntdll.dll'
12511330.876c: g_pfnWinVerifyTrust=00007ff8671904a0
12521330.876c: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
12531330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12541330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12551330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12561330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
12571330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12581330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12591330.876c: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
12601330.876c: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
12611330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12621330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12631330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12641330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
12651330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12661330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12671330.876c: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
12681330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12691330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12701330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12711330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12721330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
12731330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12741330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12751330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12761330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
12771330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12781330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12791330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12801330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
12811330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12821330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12831330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12841330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
12851330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12861330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12871330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12881330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
12891330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12901330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12911330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12921330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
12931330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12941330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12951330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
12961330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
12971330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
12981330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
12991330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
13001330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13011330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13021330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
13031330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
13041330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
13051330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13061330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13071330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
13081330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13091330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13101330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
13111330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13121330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13131330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
13141330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13151330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13161330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
13171330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13181330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13191330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll'
13201330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13211330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13221330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
13231330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13241330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13251330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
13261330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13271330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13281330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
13291330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13301330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13311330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
13321330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13331330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13341330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
13351330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13361330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13371330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
13381330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\system32\crypt32.dll'
13391330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
13401330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
13411330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
13421330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
13431330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
13441330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
13451330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
13461330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
13471330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
13481330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
13491330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
13501330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
13511330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
13521330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x670683072a91b300 C=US, O=Microsoft Corporation, CN=Microsoft Identity Verification Root Certificate Authority 2020
13531330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
13541330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
13551330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
13561330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4
13571330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
13581330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
13591330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
13601330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
13611330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
13621330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
13631330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
13641330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
13651330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
13661330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
13671330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
13681330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xf966ca73e8079500 OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign
13691330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
13701330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
13711330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
13721330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xe87add30c52db600 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Code Signing Root R45
13731330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
13741330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
13751330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
13761330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
13771330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
13781330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
13791330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
13801330.876c: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
13811330.876c: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=42
13821330.876c: SUPR3HardenedMain: Load Runtime...
13831330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
13841330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13851330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13861330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
13871330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
13881330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
13891330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
13901330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
13911330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
13921330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
13931330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
13941330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
13951330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
13961330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
13971330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
13981330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
13991330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14001330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14011330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
14021330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14031330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14041330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
14051330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
14061330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
14071330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
14081330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
14091330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
14101330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
14111330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
14121330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
14131330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14141330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14151330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
14161330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14171330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14181330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
14191330.876c: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14201330.876c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)
14211330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
14221330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
14231330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
14241330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14251330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
14261330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
14271330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
14281330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
14291330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
14301330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
14311330.876c: supR3HardenedDllNotificationCallback: load 0000000077320000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
14321330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
14331330.876c: supR3HardenedDllNotificationCallback: load 00000000761d0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
14341330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
14351330.876c: supR3HardenedDllNotificationCallback: load 00007ff8692b0000 LB 0x0006f000 C:\windows\System32\WS2_32.dll [fFlags=0x0]
14361330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
14371330.876c: supR3HardenedDllNotificationCallback: load 00007fffb31e0000 LB 0x005fb000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
14381330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
14391330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14401330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14411330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
14421330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14431330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14441330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14451330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14461330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14471330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14481330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
14491330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14501330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14511330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14521330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14531330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14541330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14551330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
14561330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14571330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14581330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14591330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14601330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14611330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14621330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
14631330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14641330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14651330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14661330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14671330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14681330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14691330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
14701330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14711330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14721330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14731330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14741330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14751330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14761330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
14771330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
14781330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14791330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14801330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14811330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14821330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14831330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14841330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14851330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14861330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14871330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14881330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14891330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14901330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14911330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14921330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14931330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14941330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14951330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14961330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
14971330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
14981330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
14991330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15001330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15011330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15021330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15031330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15041330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15051330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15061330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15071330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15081330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15091330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15101330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15111330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15121330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15131330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15141330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15151330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15161330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15171330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15181330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
15191330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
15201330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15211330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15221330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15231330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15241330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15251330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15261330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15271330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15281330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15291330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15301330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15311330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15321330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15331330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15341330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15351330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15361330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15371330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15381330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15391330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15401330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15411330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15421330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15431330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15441330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15451330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15461330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15471330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15481330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15491330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15501330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15511330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15521330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15531330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15541330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15551330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15561330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15571330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15581330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15591330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15601330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15611330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15621330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15631330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15641330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15651330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15661330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15671330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15681330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15691330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15701330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15711330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15721330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15731330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15741330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15751330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15761330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15771330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15781330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15791330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15801330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15811330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15821330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15831330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15841330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15851330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15861330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15871330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15881330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15891330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15901330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15911330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15921330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15931330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15941330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15951330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
15961330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15971330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
15981330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
15991330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
16001330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
16011330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16021330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16031330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
16041330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
16051330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
16061330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
16071330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16081330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
16091330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
16101330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
16111330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
16121330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16131330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
16141330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
16151330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb31e0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
16161330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
16171330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
16181330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
16191330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
16201330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
16211330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867180000 'C:\windows\system32\Wintrust.dll'
16221330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
16231330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
16241330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
16251330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
16261330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
16271330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
16281330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\system32\crypt32.dll'
16291330.876c: SUPR3HardenedMain: Load TrustedMain...
16301330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
16311330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
16321330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
16331330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
16341330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
16351330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
16361330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
16371330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
16381330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
16391330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
16401330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
16411330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
16421330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
16431330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
16441330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
16451330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
16461330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
16471330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
16481330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
16491330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
16501330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
16511330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
16521330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
16531330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) WinVerifyTrust
16541330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
16551330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16561330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
16571330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
16581330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
16591330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
16601330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
16611330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
16621330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
16631330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
16641330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
16651330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
16661330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
16671330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16681330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16691330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16701330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16711330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
16721330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
16731330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
16741330.876c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
16751330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
16761330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
16771330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
16781330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
16791330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
16801330.876c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
16811330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll)
16821330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
16831330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16841330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16851330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
16861330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
16871330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
16881330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
16891330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'gdi32.dll'.
16901330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'user32.dll'.
16911330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
16921330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
16931330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
16941330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16951330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16961330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
16971330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
16981330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
16991330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17001330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17011330.876c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
17021330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
17031330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
17041330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
17051330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
17061330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17071330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17081330.876c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
17091330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
17101330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
17111330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
17121330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17131330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17141330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
17151330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
17161330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
17171330.876c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
17181330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll)
17191330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll
17201330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17211330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17221330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
17231330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
17241330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
17251330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
17261330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
17271330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
17281330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
17291330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
17301330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) WinVerifyTrust
17311330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
17321330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
17331330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
17341330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17351330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17361330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
17371330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
17381330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
17391330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
17401330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
17411330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
17421330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
17431330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
17441330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
17451330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
17461330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
17471330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
17481330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
17491330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
17501330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
17511330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17521330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17531330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
17541330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
17551330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
17561330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
17571330.876c: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
17581330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
17591330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
17601330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
17611330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
17621330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
17631330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
17641330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
17651330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
17661330.876c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
17671330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
17681330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
17691330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
17701330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
17711330.876c: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
17721330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
17731330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
17741330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
17751330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
17761330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
17771330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
17781330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
17791330.876c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
17801330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
17811330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
17821330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
17831330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
17841330.876c: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
17851330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
17861330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
17871330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
17881330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
17891330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
17901330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
17911330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
17921330.876c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
17931330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
17941330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
17951330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
17961330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
17971330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
17981330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
17991330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
18001330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
18011330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
18021330.876c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
18031330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
18041330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #71 'user32.dll'.
18051330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #73 'gdi32.dll'.
18061330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
18071330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
18081330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
18091330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
18101330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
18111330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
18121330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
18131330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
18141330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18151330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18161330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
18171330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18181330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18191330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18201330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
18211330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
18221330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
18231330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
18241330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
18251330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
18261330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
18271330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
18281330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
18291330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18301330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18311330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
18321330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18331330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18341330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18351330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
18361330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
18371330.876c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'.
18381330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18391330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
18401330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
18411330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
18421330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'glu32.dll'.
18431330.876c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
18441330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
18451330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18461330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18471330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
18481330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
18491330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
18501330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
18511330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
18521330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
18531330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
18541330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
18551330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
18561330.876c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
18571330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll)
18581330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll
18591330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
18601330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
18611330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
18621330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18631330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18641330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
18651330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
18661330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
18671330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
18681330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
18691330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
18701330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
18711330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18721330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18731330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
18741330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
18751330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
18761330.876c: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
18771330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
18781330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
18791330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
18801330.876c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
18811330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
18821330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18831330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18841330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18851330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18861330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18871330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
18881330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
18891330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
18901330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
18911330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
18921330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
18931330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
18941330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
18951330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
18961330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
18971330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
18981330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
18991330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
19001330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
19011330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
19021330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
19031330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
19041330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
19051330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
19061330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19071330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19081330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
19091330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
19101330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
19111330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
19121330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
19131330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
19141330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
19151330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
19161330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
19171330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
19181330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
19191330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
19201330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
19211330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
19221330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
19231330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
19241330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
19251330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19261330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19271330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
19281330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
19291330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
19301330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
19311330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
19321330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
19331330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
19341330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
19351330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
19361330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
19371330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
19381330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
19391330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
19401330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19411330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19421330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
19431330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
19441330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
19451330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
19461330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
19471330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
19481330.876c: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
19491330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
19501330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
19511330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
19521330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
19531330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
19541330.876c: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
19551330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
19561330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
19571330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
19581330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
19591330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
19601330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
19611330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
19621330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
19631330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
19641330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
19651330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
19661330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
19671330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
19681330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
19691330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
19701330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
19711330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
19721330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
19731330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
19741330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
19751330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
19761330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
19771330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
19781330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
19791330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
19801330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
19811330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
19821330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
19831330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000444 pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
19841330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
19851330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
19861330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2D524BD25A743CA0A9032840CDC536A92793110A
19871330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
19881330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
19891330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
19901330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
19911330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
19921330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
19931330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
19941330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
19951330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
19961330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
19971330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
19981330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19991330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
20001330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
20011330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
20021330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
20031330.876c: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
20041330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
20051330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
20061330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
20071330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
20081330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
20091330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
20101330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
20111330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
20121330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
20131330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
20141330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
20151330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
20161330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpenGL-Package~31bf3856ad364e35~amd64~~10.0.22000.708.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
20171330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20181330.876c: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
20191330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
20201330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
20211330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
20221330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
20231330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
20241330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
20251330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
20261330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
20271330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
20281330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
20291330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
20301330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
20311330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'.
20321330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DXCore.dll)
20331330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DXCore.dll
20341330.876c: supR3HardenedDllNotificationCallback: load 00007ff866ad0000 LB 0x00026000 C:\windows\System32\win32u.dll [fFlags=0x0]
20351330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
20361330.876c: supR3HardenedDllNotificationCallback: load 00007ff866b00000 LB 0x0009d000 C:\windows\System32\msvcp_win.dll [fFlags=0x0]
20371330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
20381330.876c: supR3HardenedDllNotificationCallback: load 00007ff8669b0000 LB 0x00118000 C:\windows\System32\gdi32full.dll [fFlags=0x0]
20391330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
20401330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'gdi32.dll'.
20411330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'user32.dll'.
20421330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'win32u.dll'.
20431330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll)
20441330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll
20451330.876c: supR3HardenedDllNotificationCallback: load 00007ff867dd0000 LB 0x00029000 C:\windows\System32\GDI32.dll [fFlags=0x0]
20461330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
20471330.876c: supR3HardenedDllNotificationCallback: load 00007ff8672f0000 LB 0x001ad000 C:\windows\System32\USER32.dll [fFlags=0x0]
20481330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [avoiding WinVerifyTrust]
20491330.876c: supR3HardenedDllNotificationCallback: load 00007ff868f30000 LB 0x00379000 C:\windows\System32\combase.dll [fFlags=0x0]
20501330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
20511330.876c: supR3HardenedDllNotificationCallback: load 00007ff863b90000 LB 0x00038000 C:\windows\SYSTEM32\dxcore.dll [fFlags=0x0]
20521330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
20531330.876c: supR3HardenedDllNotificationCallback: load 00007ff854ce0000 LB 0x0002d000 C:\windows\SYSTEM32\GLU32.dll [fFlags=0x0]
20541330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
20551330.876c: supR3HardenedDllNotificationCallback: load 00007ff826370000 LB 0x00101000 C:\windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
20561330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
20571330.876c: supR3HardenedDllNotificationCallback: load 00007ff868470000 LB 0x007b8000 C:\windows\System32\SHELL32.dll [fFlags=0x0]
20581330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
20591330.876c: supR3HardenedDllNotificationCallback: load 00007ff867e00000 LB 0x0019a000 C:\windows\System32\ole32.dll [fFlags=0x0]
20601330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
20611330.876c: supR3HardenedDllNotificationCallback: load 00007ff84fde0000 LB 0x0001d000 C:\windows\SYSTEM32\MPR.dll [fFlags=0x0]
20621330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
20631330.876c: supR3HardenedDllNotificationCallback: load 0000000075970000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
20641330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
20651330.876c: supR3HardenedDllNotificationCallback: load 00007fffb2be0000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
20661330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
20671330.876c: supR3HardenedDllNotificationCallback: load 0000000075400000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
20681330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
20691330.876c: supR3HardenedDllNotificationCallback: load 00007ff867210000 LB 0x000d6000 C:\windows\System32\OLEAUT32.dll [fFlags=0x0]
20701330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
20711330.876c: supR3HardenedDllNotificationCallback: load 00007fffb08c0000 LB 0x02320000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
20721330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
20731330.876c: supR3HardenedDllNotificationCallback: load 00000000753a0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
20741330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
20751330.876c: supR3HardenedDllNotificationCallback: load 00007ff85d380000 LB 0x00033000 C:\windows\SYSTEM32\WINMM.dll [fFlags=0x0]
20761330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
20771330.876c: supR3HardenedDllNotificationCallback: load 00007ff800f10000 LB 0x001c9000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
20781330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
20791330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
20801330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
20811330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
20821330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
20831330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
20841330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
20851330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
20861330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
20871330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
20881330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
20891330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20901330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20911330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
20921330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
20931330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
20941330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
20951330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
20961330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
20971330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
20981330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
20991330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
21001330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
21011330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
21021330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
21031330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
21041330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
21051330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21061330.876c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
21071330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21081330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21091330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
21101330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21111330.876c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
21121330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21131330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21141330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
21151330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21161330.876c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
21171330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
21181330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
21191330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
21201330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
21211330.876c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
21221330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
21231330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
21241330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
21251330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21261330.876c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
21271330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
21281330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
21291330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
21301330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
21311330.876c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
21321330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
21331330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868120000 'C:\windows\System32\kernel32.dll'
21341330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
21351330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
21361330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
21371330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
21381330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
21391330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
21401330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
21411330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
21421330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
21431330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
21441330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
21451330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
21461330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21471330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
21481330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21491330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
21501330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21511330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
21521330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
21531330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
21541330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
21551330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
21561330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
21571330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
21581330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
21591330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
21601330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
21611330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
21621330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
21631330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
21641330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
21651330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
21661330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
21671330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
21681330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21691330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
21701330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21711330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
21721330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21731330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
21741330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
21751330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
21761330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
21771330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
21781330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
21791330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
21801330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-string-l1-1-0'
21811330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
21821330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
21831330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
21841330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
21851330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
21861330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
21871330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
21881330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
21891330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
21901330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
21911330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
21921330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
21931330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
21941330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
21951330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
21961330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
21971330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
21981330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
21991330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
22001330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
22011330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
22021330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
22031330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
22041330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
22051330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
22061330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
22071330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
22081330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
22091330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
22101330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
22111330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
22121330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
22131330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
22141330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
22151330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
22161330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
22171330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
22181330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
22191330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
22201330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
22211330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
22221330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
22231330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
22241330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
22251330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
22261330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
22271330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-datetime-l1-1-1'
22281330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
22291330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
22301330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
22311330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
22321330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
22331330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
22341330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
22351330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
22361330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
22371330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
22381330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
22391330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
22401330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
22411330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
22421330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
22431330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
22441330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
22451330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
22461330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
22471330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
22481330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
22491330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
22501330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
22511330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
22521330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
22531330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
22541330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
22551330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
22561330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
22571330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
22581330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
22591330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
22601330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
22611330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
22621330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
22631330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
22641330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
22651330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
22661330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
22671330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
22681330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
22691330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
22701330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
22711330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
22721330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
22731330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
22741330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-localization-obsolete-l1-2-0'
22751330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
22761330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
22771330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
22781330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
22791330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
22801330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
22811330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
22821330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
22831330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
22841330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
22851330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
22861330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
22871330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
22881330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
22891330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
22901330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
22911330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
22921330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
22931330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
22941330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
22951330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
22961330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
22971330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'.
22981330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
22991330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
23001330.876c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000046c (hFile=0000000000000450) with 0xc0000022 -> STATUS_TRUST_FAILURE
23011330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
23021330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
23031330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
23041330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
23051330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
23061330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
23071330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
23081330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
23091330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
23101330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
23111330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
23121330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
23131330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
23141330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
23151330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
23161330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
23171330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
23181330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
23191330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
23201330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
23211330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
23221330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
23231330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
23241330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
23251330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [redoing WinVerifyTrust]
23261330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
23271330.876c: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\imm32.dll
23281330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
23291330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
23301330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
23311330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
23321330.876c: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
23331330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
23341330.876c: supR3HardenedDllNotificationCallback: load 00007ff868430000 LB 0x00031000 C:\windows\System32\IMM32.DLL [fFlags=0x0]
23351330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
23361330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868430000 'C:\windows\system32\IMM32.DLL'
23371330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
23381330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
23391330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
23401330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
23411330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
23421330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
23431330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
23441330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
23451330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
23461330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
23471330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
23481330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
23491330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
23501330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
23511330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
23521330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
23531330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
23541330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
23551330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
23561330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
23571330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
23581330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
23591330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
23601330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
23611330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
23621330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
23631330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
23641330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
23651330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
23661330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
23671330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
23681330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
23691330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
23701330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
23711330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
23721330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
23731330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
23741330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
23751330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
23761330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
23771330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
23781330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
23791330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
23801330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
23811330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
23821330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
23831330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
23841330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
23851330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
23861330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
23871330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868310000 'C:\windows\System32\ADVAPI32.DLL'
23881330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
23891330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
23901330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
23911330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
23921330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
23931330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
23941330.876c: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
23951330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
23961330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
23971330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
23981330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
23991330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
24001330.876c: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
24011330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
24021330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
24031330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
24041330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
24051330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
24061330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
24071330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
24081330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
24091330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
24101330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
24111330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
24121330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff800f10000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
24131330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24141330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24151330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
24161330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24171330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24181330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'
24191330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24201330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24211330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'
24221330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000448 pwszName=\Device\HarddiskVolume3\Windows\System32\glu32.dll
24231330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
24241330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
24251330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AA7DC3A3EEA8D84E88346437F6D9D5DF9B3C090B
24261330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24271330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24281330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpenGL-Package~31bf3856ad364e35~amd64~~10.0.22000.708.cat'; file='\Device\HarddiskVolume3\Windows\System32\glu32.dll'
24291330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
24301330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll'
24311330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24321330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24331330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll'
24341330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24351330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24361330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
24371330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24381330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24391330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
24401330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24411330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24421330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll'
24431330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24441330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24451330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
24461330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24471330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24481330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
24491330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24501330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24511330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'
24521330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24531330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24541330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll'
24551330.876c: SUPR3HardenedMain: Calling TrustedMain (00007ff800f116c0)...
24561330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
24571330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
24581330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
24591330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
24601330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
24611330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
24621330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
24631330.876c: supR3HardenedDllNotificationCallback: load 00007ff864800000 LB 0x00166000 C:\windows\SYSTEM32\wintypes.dll [fFlags=0x0]
24641330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
24651330.876c: supR3HardenedDllNotificationCallback: load 00007ff864970000 LB 0x00868000 C:\windows\SYSTEM32\windows.storage.dll [fFlags=0x0]
24661330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll [avoiding WinVerifyTrust]
24671330.876c: supR3HardenedDllNotificationCallback: load 00007ff868c90000 LB 0x000ea000 C:\windows\System32\SHCORE.dll [fFlags=0x0]
24681330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
24691330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
24701330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
24711330.876c: supR3HardenedDllNotificationCallback: load 00007ff8680c0000 LB 0x0005d000 C:\windows\System32\shlwapi.dll [fFlags=0x0]
24721330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
24731330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
24741330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
24751330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24761330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24771330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
24781330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
24791330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
24801330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
24811330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
24821330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
24831330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
24841330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
24851330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
24861330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
24871330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
24881330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
24891330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
24901330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24911330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24921330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
24931330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24941330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24951330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'
24961330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
24971330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
24981330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'
24991330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
25001330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
25011330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'
25021330.876c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll: Signature #1/2: info status: 24202
25031330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
25041330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
25051330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25061330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
25071330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
25081330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
25091330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
25101330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
25111330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
25121330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
25131330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
25141330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
25151330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
25161330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
25171330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
25181330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
25191330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
25201330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
25211330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
25221330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
25231330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
25241330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
25251330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
25261330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
25271330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
25281330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
25291330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
25301330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
25311330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
25321330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
25331330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
25341330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25351330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25361330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
25371330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
25381330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
25391330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
25401330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
25411330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
25421330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
25431330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
25441330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
25451330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
25461330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
25471330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
25481330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
25491330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
25501330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25511330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
25521330.876c: supR3HardenedDllNotificationCallback: load 00007ff815a20000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
25531330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
25541330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff815a20000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
25551330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
25561330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'bcryptprimitives.dll'.
25571330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'.
25581330.876c: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\rpcss.dll)
25591330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcss.dll
25601330.876c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000005e0 (hFile=0000000000000680) with 0xc0000022 -> STATUS_TRUST_FAILURE
25611330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcrt.dll'.
25621330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
25631330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
25641330.876c: supR3HardenedDllNotificationCallback: load 00007ff865990000 LB 0x00018000 C:\windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
25651330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
25661330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25671330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25681330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
25691330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
25701330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
25711330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
25721330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
25731330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
25741330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25751330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25761330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
25771330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
25781330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'
25791330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000434 pwszName=\Device\HarddiskVolume3\Windows\System32\rpcss.dll
25801330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
25811330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
25821330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6F8588C53CF005F56300DEE3FD5DAA315FCB234C
25831330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
25841330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
25851330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\rpcss.dll'
25861330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25871330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcss.dll'
25881330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004d8 pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
25891330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
25901330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
25911330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F0956825C524685A46260DF18D53678E8A3E6BF3
25921330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
25931330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25941330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
25951330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
25961330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
25971330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25981330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'gdi32.dll'.
25991330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'user32.dll'.
26001330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) WinVerifyTrust
26011330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
26021330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26031330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
26041330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
26051330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
26061330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
26071330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
26081330.876c: supR3HardenedDllNotificationCallback: load 00007ff863ab0000 LB 0x000ac000 C:\windows\system32\uxtheme.dll [fFlags=0x0]
26091330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
26101330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff863ab0000 'C:\windows\system32\uxtheme.dll'
26111330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8672f0000 'C:\windows\system32\user32.dll'
26121330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
26131330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26141330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
26151330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
26161330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26171330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868c90000 'C:\windows\system32\SHCore.dll'
26181330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
26191330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
26201330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'winmm.dll'.
26211330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
26221330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr120.dll'.
26231330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcp120.dll'.
26241330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTab32.dll) WinVerifyTrust
26251330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTab32.dll
26261330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp120.dll'...
26271330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Failed to locate 'msvcp120.dll'
26281330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr120.dll'...
26291330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Failed to locate 'msvcr120.dll'
26301330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
26311330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
26321330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
26331330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
26341330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
26351330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26361330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTab32.dll
26371330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\windows\system32\wintab32.dll'
26381330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8672f0000 'C:\windows\system32\user32.dll'
26391330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
26401330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26411330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff85d380000 'C:\windows\system32\winmm.dll'
26421330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
26431330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26441330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff85d380000 'C:\windows\system32\winmm.dll'
26451330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
26461330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26471330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
26481330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
26491330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26501330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff863ab0000 'C:\windows\system32\uxtheme.dll'
26511330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
26521330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26531330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868310000 'C:\windows\system32\advapi32.dll'
26541330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
26551330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
26561330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
26571330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) WinVerifyTrust
26581330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
26591330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26601330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26611330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26621330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
26631330.876c: supR3HardenedDllNotificationCallback: load 00007ff865f50000 LB 0x00029000 C:\windows\system32\userenv.dll [fFlags=0x0]
26641330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
26651330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff865f50000 'C:\windows\system32\userenv.dll'
26661330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
26671330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26681330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868120000 'C:\windows\System32\kernel32.dll'
26691330.876c: supR3HardenedDllNotificationCallback: load 00007ff867fa0000 LB 0x000af000 C:\windows\System32\clbcatq.dll [fFlags=0x0]
26701330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26711330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
26721330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
26731330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
26741330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcss.dll
26751330.876c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000006b4 (hFile=000000000000060c) with 0xc0000022 -> STATUS_TRUST_FAILURE
26761330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26771330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26781330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26791330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26801330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
26811330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
26821330.5df8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
26831330.5df8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll: Signature #1/2: info status: 24202
26841330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
26851330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
26861330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
26871330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
26881330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
26891330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
26901330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
26911330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
26921330.5df8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
26931330.5df8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
26941330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
26951330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
26961330.5df8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
26971330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
26981330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
26991330.5df8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
27001330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27011330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
27021330.5df8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
27031330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27041330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27051330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
27061330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
27071330.5df8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
27081330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27091330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27101330.5df8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
27111330.5df8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
27121330.5df8: supR3HardenedDllNotificationCallback: load 00007fffdaa90000 LB 0x003c2000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
27131330.5df8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
27141330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffdaa90000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
27151330.5df8: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll: Signature #1/2: info status: 24202
27161330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
27171330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
27181330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27191330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
27201330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
27211330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
27221330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
27231330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
27241330.5df8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
27251330.5df8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
27261330.5df8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
27271330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
27281330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
27291330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
27301330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
27311330.5df8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
27321330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
27331330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
27341330.5df8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
27351330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
27361330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
27371330.5df8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
27381330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
27391330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
27401330.5df8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
27411330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27421330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27431330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27441330.5df8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27451330.5df8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
27461330.5df8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
27471330.5df8: supR3HardenedDllNotificationCallback: load 00007ff82d500000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
27481330.5df8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
27491330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff82d500000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
27501330.5df8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
27511330.5df8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
27521330.5df8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867210000 'C:\Windows\System32\oleaut32.dll'
27531330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867dd0000 'C:\windows\system32\gdi32.dll'
27541330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
27551330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27561330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
27571330.876c: supR3HardenedDllNotificationCallback: load 00007ff867940000 LB 0x0011e000 C:\windows\System32\MSCTF.dll [fFlags=0x0]
27581330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27591330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
27601330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
27611330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27621330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27631330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
27641330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
27651330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
27661330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000099c pwszName=\Device\HarddiskVolume3\Windows\System32\DataExchange.dll
27671330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
27681330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
27691330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=101A03863CE4DE896B456ABD0FCE21AF048BCA12
27701330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
27711330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
27721330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-AppRuntime-merged-Package~31bf3856ad364e35~amd64~~10.0.22000.469.cat'; file='\Device\HarddiskVolume3\Windows\System32\DataExchange.dll'
27731330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
27741330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'msvcp_win.dll'.
27751330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll) WinVerifyTrust
27761330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
27771330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
27781330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
27791330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
27801330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
27811330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
27821330.876c: supR3HardenedDllNotificationCallback: load 00007ff8474f0000 LB 0x0005d000 C:\windows\system32\dataexchange.dll [fFlags=0x0]
27831330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
27841330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8474f0000 'C:\windows\system32\dataexchange.dll'
27851330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'combase.dll'.
27861330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'msvcp_win.dll'.
27871330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
27881330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
27891330.876c: supR3HardenedDllNotificationCallback: load 00007ff85e110000 LB 0x00266000 C:\windows\system32\twinapi.appcore.dll [fFlags=0x0]
27901330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
27911330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
27921330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
27931330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
27941330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
27951330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
27961330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
27971330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
27981330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll'
27991330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
28001330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28011330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868c90000 'C:\windows\system32\Shcore.dll'
28021330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28031330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
28041330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
28051330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll)
28061330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
28071330.876c: supR3HardenedDllNotificationCallback: load 00007ff849590000 LB 0x0012d000 C:\windows\SYSTEM32\textinputframework.dll [fFlags=0x0]
28081330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
28091330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'msvcp_win.dll'.
28101330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll)
28111330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
28121330.876c: supR3HardenedDllNotificationCallback: load 00007ff863700000 LB 0x00132000 C:\windows\SYSTEM32\CoreMessaging.dll [fFlags=0x0]
28131330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
28141330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
28151330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
28161330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
28171330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
28181330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
28191330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
28201330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
28211330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28221330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28231330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
28241330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
28251330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll'
28261330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
28271330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
28281330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll'
28291330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-security-sddl-l1-1-0.dll) -> 0x0, fPresent=1
28301330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-security-sddl-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28311330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868e00000 'api-ms-win-security-sddl-l1-1-0.dll'
28321330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
28331330.876c: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28341330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8672f0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
28351330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
28361330.876c: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28371330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8672f0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
28381330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28391330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'coremessaging.dll'.
28401330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
28411330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll
28421330.876c: supR3HardenedDllNotificationCallback: load 00007ff860ce0000 LB 0x0036d000 C:\windows\SYSTEM32\CoreUIComponents.dll [fFlags=0x0]
28431330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
28441330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
28451330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
28461330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
28471330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28481330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28491330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
28501330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
28511330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll'
28521330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8681e0000 'C:\windows\System32\RPCRT4.dll'
28531330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-security-systemfunctions-l1-1-0) -> 0x0, fPresent=1
28541330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-security-systemfunctions-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
28551330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868310000 'api-ms-win-security-systemfunctions-l1-1-0'
28561330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
28571330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
28581330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867940000 'C:\windows\System32\MSCTF.dll'
28591330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009cc pwszName=\Device\HarddiskVolume3\Windows\System32\oleacc.dll
28601330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
28611330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
28621330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EACA2A8DE267E075674974460F94DA8439C2CE02
28631330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
28641330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
28651330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04111~31bf3856ad364e35~amd64~~10.0.22000.469.cat'; file='\Device\HarddiskVolume3\Windows\System32\oleacc.dll'
28661330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
28671330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
28681330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleacc.dll) WinVerifyTrust
28691330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleacc.dll
28701330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
28711330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
28721330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
28731330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\Oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
28741330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
28751330.876c: supR3HardenedDllNotificationCallback: load 00007ff841390000 LB 0x00069000 C:\windows\system32\Oleacc.dll [fFlags=0x0]
28761330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
28771330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff841390000 'C:\windows\system32\Oleacc.dll'
28781330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
28791330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\OLEAUT32.DLL (Input=OLEAUT32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28801330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867210000 'C:\windows\System32\OLEAUT32.DLL'
28811330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
28821330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28831330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff841390000 'C:\windows\system32\oleacc.dll'
28841330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleacc.dll
28851330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleacc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
28861330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff841390000 'C:\Windows\System32\oleacc.dll'
28871330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
28881330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28891330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
28901330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
28911330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
28921330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28931330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867e00000 'C:\windows\System32\ole32.dll'
28941330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867210000 'C:\windows\System32\OLEAUT32.dll'
28951330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ad8 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
28961330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
28971330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
28981330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=72A7777E2E42F8ED9F54E831EF23DA9E1E18ED1C
28991330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
29001330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
29011330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
29021330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29031330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29041330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'wbemcomn.dll'.
29051330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
29061330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
29071330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
29081330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
29091330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ac4 pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
29101330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
29111330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
29121330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=45A464176830F0AA8063DB542765DA4B4DCE6F9E
29131330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
29141330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
29151330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
29161330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29171330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29181330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll) WinVerifyTrust
29191330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
29201330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29211330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29221330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29231330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29241330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
29251330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
29261330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
29271330.876c: supR3HardenedDllNotificationCallback: load 00007ff85af20000 LB 0x00082000 C:\windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
29281330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
29291330.876c: supR3HardenedDllNotificationCallback: load 00007ff85afc0000 LB 0x00010000 C:\windows\system32\wbem\wbemprox.dll [fFlags=0x0]
29301330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
29311330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
29321330.876c: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
29331330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
29341330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff85afc0000 'C:\windows\system32\wbem\wbemprox.dll'
29351330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009d0 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
29361330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
29371330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
29381330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3B9E6574CB33BE95DDDFC06987443AD17F741154
29391330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
29401330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
29411330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
29421330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29431330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29441330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
29451330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
29461330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
29471330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
29481330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
29491330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29501330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29511330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
29521330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
29531330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
29541330.876c: supR3HardenedDllNotificationCallback: load 00007ff8551e0000 LB 0x00014000 C:\windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
29551330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
29561330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8551e0000 'C:\windows\system32\wbem\wbemsvc.dll'
29571330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
29581330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
29591330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-localization-l1-2-0.dll'
29601330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
29611330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
29621330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
29631330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a64 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
29641330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
29651330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
29661330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C006C9BBF3712859F7F5F20A758C570A45C51802
29671330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
29681330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
29691330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
29701330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29711330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29721330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
29731330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
29741330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
29751330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
29761330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
29771330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
29781330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
29791330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
29801330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
29811330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
29821330.876c: supR3HardenedDllNotificationCallback: load 00007ff855200000 LB 0x000fa000 C:\windows\system32\wbem\fastprox.dll [fFlags=0x0]
29831330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
29841330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff855200000 'C:\windows\system32\wbem\fastprox.dll'
29851330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b34 pwszName=\Device\HarddiskVolume3\Windows\System32\amsi.dll
29861330.876c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
29871330.876c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
29881330.876c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2B275E46A4D44743A2E7B3BD101381367F8671AE
29891330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
29901330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
29911330.876c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\amsi.dll'
29921330.876c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
29931330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
29941330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
29951330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\amsi.dll) WinVerifyTrust
29961330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\amsi.dll
29971330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
29981330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
29991330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30001330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30011330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30021330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
30031330.876c: supR3HardenedDllNotificationCallback: load 00007ff855110000 LB 0x00025000 C:\windows\System32\amsi.dll [fFlags=0x0]
30041330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
30051330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff855110000 'C:\windows\System32\amsi.dll'
30061330.876c: \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll: Owner is administrators group.
30071330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
30081330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
30091330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'psapi.dll'.
30101330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
30111330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
30121330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
30131330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
30141330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shlwapi.dll'.
30151330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'shell32.dll'.
30161330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll) WinVerifyTrust
30171330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
30181330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
30191330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
30201330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
30211330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
30221330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
30231330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
30241330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
30251330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
30261330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
30271330.876c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
30281330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
30291330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
30301330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
30311330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
30321330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
30331330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
30341330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
30351330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
30361330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\psapi.dll) WinVerifyTrust
30371330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\psapi.dll
30381330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\McAfee\MfeAV\AMSIExt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30391330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
30401330.876c: supR3HardenedDllNotificationCallback: load 00007ff868300000 LB 0x00008000 C:\windows\System32\PSAPI.DLL [fFlags=0x0]
30411330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\psapi.dll
30421330.876c: supR3HardenedDllNotificationCallback: load 00007ff855010000 LB 0x000cb000 C:\Program Files\McAfee\MfeAV\AMSIExt.dll [fFlags=0x0]
30431330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
30441330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
30451330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30461330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-synch-l1-2-0'
30471330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
30481330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30491330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-fibers-l1-1-1'
30501330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
30511330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30521330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-synch-l1-2-0'
30531330.876c: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
30541330.876c: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30551330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'api-ms-win-core-localization-l1-2-1'
30561330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
30571330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30581330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868120000 'C:\windows\System32\kernel32.dll'
30591330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
30601330.876c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
30611330.876c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll)
30621330.876c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
30631330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
30641330.876c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
30651330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\version.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
30661330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll [avoiding WinVerifyTrust]
30671330.876c: supR3HardenedDllNotificationCallback: load 00007ff85efa0000 LB 0x0000a000 C:\Windows\System32\version.dll [fFlags=0x0]
30681330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll [avoiding WinVerifyTrust]
30691330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff85efa0000 'C:\Windows\System32\version.dll'
30701330.876c: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
30711330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\version.dll' [rescheduled]
30721330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
30731330.876c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000b2c (hFile=0000000000000b28) with 0xc0000022 -> STATUS_TRUST_FAILURE
30741330.876c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
30751330.876c: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000b2c (hFile=0000000000000b28) with 0xc0000022 -> STATUS_TRUST_FAILURE
30761330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff855010000 'C:\Program Files\McAfee\MfeAV\AMSIExt.dll'
30771330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
30781330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
30791330.876c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\version.dll'
30801330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868310000 'C:\windows\System32\ADVAPI32.dll'
30811330.86dc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll: Signature #1/2: info status: 24202
30821330.86dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
30831330.86dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
30841330.86dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
30851330.86dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
30861330.86dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
30871330.86dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
30881330.86dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
30891330.86dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
30901330.86dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
30911330.86dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
30921330.86dc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
30931330.86dc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
30941330.86dc: supR3HardenedDllNotificationCallback: load 00007fffc4110000 LB 0x0037e000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
30951330.86dc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
30961330.86dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffc4110000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
30971330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867e00000 'C:\windows\system32\ole32.dll'
30981330.2f18: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867e00000 'C:\windows\system32\ole32.dll'
30991330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
31001330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
31011330.8674: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll: Signature #1/2: info status: 24202
31021330.8674: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
31031330.8674: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
31041330.8674: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31051330.8674: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
31061330.8674: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
31071330.8674: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
31081330.8674: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
31091330.8674: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
31101330.8674: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
31111330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
31121330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
31131330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31141330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31151330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
31161330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
31171330.8674: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
31181330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
31191330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
31201330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31211330.8674: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31221330.8674: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31231330.8674: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
31241330.8674: supR3HardenedDllNotificationCallback: load 00007ff860720000 LB 0x00010000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
31251330.8674: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
31261330.8674: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff860720000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
31271330.8188: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll: Signature #1/2: info status: 24202
31281330.8188: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
31291330.8188: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
31301330.8188: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
31311330.8188: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
31321330.8188: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
31331330.8188: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
31341330.8188: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
31351330.8188: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
31361330.8188: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
31371330.8188: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
31381330.8188: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
31391330.8188: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
31401330.8188: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
31411330.8188: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31421330.8188: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
31431330.8188: supR3HardenedDllNotificationCallback: load 00007ff85b100000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
31441330.8188: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
31451330.8188: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff85b100000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
31461330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\Shell32.dll'
31471330.7a9c: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e60 pwszName=\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
31481330.7a9c: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
31491330.7a9c: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
31501330.7a9c: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8B3A29BB93DC85DF241632350324C9785EA8BDD9
31511330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
31521330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
31531330.7a9c: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HyperV-Hypervisor-API-Package~31bf3856ad364e35~amd64~~10.0.22000.71.cat'; file='\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll'
31541330.7a9c: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
31551330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vid.dll'.
31561330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'devobj.dll'.
31571330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll) WinVerifyTrust
31581330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
31591330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
31601330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
31611330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
31621330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
31631330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'cfgmgr32.dll'.
31641330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) WinVerifyTrust
31651330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
31661330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vid.dll'...
31671330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vid.dll' -> '\Device\HarddiskVolume3\Windows\System32\vid.dll' [rcNtRedir=0xc0150008]
31681330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
31691330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
31701330.7a9c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'.
31711330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
31721330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
31731330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
31741330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
31751330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vid.dll) WinVerifyTrust
31761330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vid.dll
31771330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\WinHvPlatform.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31781330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
31791330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
31801330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
31811330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
31821330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff84fdb0000 LB 0x0002d000 C:\windows\SYSTEM32\vid.dll [fFlags=0x0]
31831330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
31841330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff866540000 LB 0x0004c000 C:\windows\SYSTEM32\cfgmgr32.dll [fFlags=0x0]
31851330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
31861330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff866510000 LB 0x0002c000 C:\windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
31871330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
31881330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff854d30000 LB 0x00046000 C:\windows\system32\WinHvPlatform.dll [fFlags=0x0]
31891330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
31901330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff854d30000 'C:\windows\system32\WinHvPlatform.dll'
31911330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
31921330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
31931330.7a9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
31941330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
31951330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\vid.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
31961330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84fdb0000 'C:\windows\system32\vid.dll'
31971330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
31981330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
31991330.7a9c: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
32001330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll) WinVerifyTrust
32011330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
32021330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\NTDLL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32031330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff869360000 'C:\windows\system32\NTDLL.DLL'
32041330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
32051330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
32061330.7a9c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll: Signature #1/2: info status: 24202
32071330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
32081330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
32091330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32101330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
32111330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
32121330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
32131330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
32141330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
32151330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
32161330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
32171330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
32181330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
32191330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
32201330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
32211330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
32221330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
32231330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
32241330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
32251330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
32261330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
32271330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
32281330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
32291330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
32301330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
32311330.7a9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
32321330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
32331330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
32341330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
32351330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
32361330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
32371330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll) WinVerifyTrust
32381330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
32391330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
32401330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
32411330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
32421330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
32431330.7a9c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll: Signature #1/2: info status: 24202
32441330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
32451330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
32461330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
32471330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
32481330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32491330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
32501330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
32511330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
32521330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
32531330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
32541330.7a9c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll: Signature #1/2: info status: 24202
32551330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32561330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32571330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32581330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32591330.7a9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
32601330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
32611330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
32621330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
32631330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
32641330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
32651330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
32661330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
32671330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
32681330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
32691330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32701330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32711330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
32721330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
32731330.7a9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
32741330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32751330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32761330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
32771330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
32781330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
32791330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
32801330.7a9c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
32811330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
32821330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
32831330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
32841330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
32851330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
32861330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
32871330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
32881330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
32891330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
32901330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
32911330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
32921330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff8674b0000 LB 0x0046c000 C:\windows\System32\SETUPAPI.dll [fFlags=0x0]
32931330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
32941330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff846cd0000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
32951330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
32961330.7a9c: supR3HardenedDllNotificationCallback: load 00007fffaf650000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
32971330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
32981330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff8654b0000 LB 0x0002d000 C:\windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
32991330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
33001330.7a9c: supR3HardenedDllNotificationCallback: load 00007fffafeb0000 LB 0x00a04000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
33011330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
33021330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffafeb0000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
33031330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
33041330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
33051330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
33061330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33071330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffdaa90000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
33081330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
33091330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
33101330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
33111330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33121330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffaf650000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
33131330.d28: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll: Signature #1/2: info status: 24202
33141330.d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
33151330.d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
33161330.d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
33171330.d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
33181330.d28: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
33191330.d28: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
33201330.d28: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
33211330.d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
33221330.d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
33231330.d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
33241330.d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
33251330.d28: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
33261330.d28: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
33271330.d28: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
33281330.d28: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33291330.d28: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
33301330.d28: supR3HardenedDllNotificationCallback: load 00007ff8501a0000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
33311330.d28: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
33321330.d28: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8501a0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
33331330.7ab4: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll: Signature #1/2: info status: 24202
33341330.7ab4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
33351330.7ab4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
33361330.7ab4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
33371330.7ab4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
33381330.7ab4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
33391330.7ab4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
33401330.7ab4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
33411330.7ab4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
33421330.7ab4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
33431330.7ab4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
33441330.7ab4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
33451330.7ab4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
33461330.7ab4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
33471330.7ab4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
33481330.7ab4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
33491330.7ab4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
33501330.7ab4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
33511330.7ab4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33521330.7ab4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
33531330.7ab4: supR3HardenedDllNotificationCallback: load 00007ff854cd0000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
33541330.7ab4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
33551330.7ab4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff854cd0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
33561330.7560: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll: Signature #1/2: info status: 24202
33571330.7560: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
33581330.7560: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
33591330.7560: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
33601330.7560: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
33611330.7560: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
33621330.7560: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
33631330.7560: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
33641330.7560: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
33651330.7560: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
33661330.7560: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
33671330.7560: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
33681330.7560: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
33691330.7560: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
33701330.7560: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33711330.7560: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
33721330.7560: supR3HardenedDllNotificationCallback: load 00007ff854b90000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
33731330.7560: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
33741330.7560: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff854b90000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
33751330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
33761330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
33771330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8654b0000 'C:\windows\system32\Iphlpapi.dll'
33781330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll)
33791330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll
33801330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff8617a0000 LB 0x0000c000 C:\windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
33811330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
33821330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff867b50000 LB 0x00009000 C:\windows\System32\NSI.dll [fFlags=0x0]
33831330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll)
33841330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
33851330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
33861330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll)
33871330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll
33881330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff8600f0000 LB 0x00019000 C:\windows\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
33891330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
33901330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
33911330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll)
33921330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll
33931330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff860850000 LB 0x0001e000 C:\windows\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
33941330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
33951330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\dnsapi.dll)
33961330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\dnsapi.dll
33971330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff8654e0000 LB 0x000e8000 C:\windows\SYSTEM32\DNSAPI.dll [fFlags=0x0]
33981330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\dnsapi.dll [avoiding WinVerifyTrust]
33991330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34001330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34011330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34021330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34031330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
34041330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
34051330.7a9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dnsapi.dll'
34061330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
34071330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
34081330.7a9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc.dll'
34091330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
34101330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
34111330.7a9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\dhcpcsvc6.dll'
34121330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
34131330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
34141330.7a9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\nsi.dll'
34151330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
34161330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
34171330.7a9c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winnsi.dll'
34181330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
34191330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
34201330.7a9c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
34211330.7a9c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) WinVerifyTrust
34221330.7a9c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
34231330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
34241330.7a9c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
34251330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
34261330.7a9c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
34271330.7a9c: supR3HardenedDllNotificationCallback: load 00007ff8534f0000 LB 0x0009c000 C:\windows\System32\MMDevApi.dll [fFlags=0x0]
34281330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
34291330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8534f0000 'C:\windows\System32\MMDevApi.dll'
34301330.7a9c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
34311330.7a9c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34321330.7a9c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8534f0000 'C:\windows\System32\MMDEVAPI.DLL'
34331330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
34341330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
34351330.16d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
34361330.16d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
34371330.16d8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34381330.16d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867180000 'C:\windows\System32\WINTRUST.DLL'
34391330.16d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\CRYPT32.dll'
34401330.16d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
34411330.16d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'ws2_32.dll'.
34421330.16d8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
34431330.16d8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mswsock.dll) WinVerifyTrust
34441330.16d8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mswsock.dll
34451330.16d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34461330.16d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34471330.16d8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
34481330.16d8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
34491330.16d8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
34501330.16d8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34511330.16d8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
34521330.16d8: supR3HardenedDllNotificationCallback: load 00007ff865de0000 LB 0x00067000 C:\windows\system32\mswsock.dll [fFlags=0x0]
34531330.16d8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mswsock.dll
34541330.16d8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff865de0000 'C:\windows\system32\mswsock.dll'
34551330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
34561330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
34571330.876c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
34581330.876c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
34591330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
34601330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
34611330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
34621330.876c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868470000 'C:\windows\system32\shell32.dll'
34631330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'rpcrt4.dll'.
34641330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\propsys.dll)
34651330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\propsys.dll
34661330.71b8: supR3HardenedDllNotificationCallback: load 00007ff864510000 LB 0x000f7000 C:\windows\SYSTEM32\PROPSYS.dll [fFlags=0x0]
34671330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll [avoiding WinVerifyTrust]
34681330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34691330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'iertutil.dll'.
34701330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #49 'srvcli.dll'.
34711330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'netutils.dll'.
34721330.71b8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\urlmon.dll)
34731330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\urlmon.dll
34741330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
34751330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\iertutil.dll)
34761330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\iertutil.dll
34771330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
34781330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\srvcli.dll)
34791330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\srvcli.dll
34801330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\netutils.dll)
34811330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\netutils.dll
34821330.71b8: supR3HardenedDllNotificationCallback: load 00007ff85e820000 LB 0x002b3000 C:\windows\SYSTEM32\iertutil.dll [fFlags=0x0]
34831330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\iertutil.dll [avoiding WinVerifyTrust]
34841330.71b8: supR3HardenedDllNotificationCallback: load 00007ff85efb0000 LB 0x00028000 C:\windows\SYSTEM32\srvcli.dll [fFlags=0x0]
34851330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\srvcli.dll [avoiding WinVerifyTrust]
34861330.71b8: supR3HardenedDllNotificationCallback: load 00007ff8654a0000 LB 0x0000c000 C:\windows\SYSTEM32\netutils.dll [fFlags=0x0]
34871330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netutils.dll [avoiding WinVerifyTrust]
34881330.71b8: supR3HardenedDllNotificationCallback: load 00007ff85eae0000 LB 0x001ef000 C:\windows\SYSTEM32\urlmon.dll [fFlags=0x0]
34891330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\urlmon.dll [avoiding WinVerifyTrust]
34901330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
34911330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
34921330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
34931330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
34941330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netutils.dll'...
34951330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'netutils.dll' -> '\Device\HarddiskVolume3\Windows\System32\netutils.dll' [rcNtRedir=0xc0150008]
34961330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netutils.dll [lacks WinVerifyTrust]
34971330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'srvcli.dll'...
34981330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'srvcli.dll' -> '\Device\HarddiskVolume3\Windows\System32\srvcli.dll' [rcNtRedir=0xc0150008]
34991330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\srvcli.dll [lacks WinVerifyTrust]
35001330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iertutil.dll'...
35011330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'iertutil.dll' -> '\Device\HarddiskVolume3\Windows\System32\iertutil.dll' [rcNtRedir=0xc0150008]
35021330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\iertutil.dll [lacks WinVerifyTrust]
35031330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35041330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35051330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
35061330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
35071330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35081330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
35091330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
35101330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867180000 'C:\windows\System32\WINTRUST.DLL'
35111330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\CRYPT32.dll'
35121330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35131330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\netutils.dll'
35141330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35151330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35161330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\srvcli.dll'
35171330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35181330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35191330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\iertutil.dll'
35201330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000129c pwszName=\Device\HarddiskVolume3\Windows\System32\urlmon.dll
35211330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
35221330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
35231330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=CAB5E70DACEA769E65FB213F7439B56BA595BBD2
35241330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35251330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35261330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0417~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\urlmon.dll'
35271330.71b8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35281330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\urlmon.dll'
35291330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35301330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35311330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\propsys.dll'
35321330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8672f0000 'C:\windows\System32\user32.dll'
35331330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001314 pwszName=\Device\HarddiskVolume3\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
35341330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
35351330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
35361330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F525C076B29919A54C917AC361428ACD734440F2
35371330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35381330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35391330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-Shell-ServiceHostBuilder-Package~31bf3856ad364e35~amd64~~10.0.22000.593.cat'; file='\Device\HarddiskVolume3\Windows\System32\Windows.Shell.ServiceHostBuilder.dll'
35401330.71b8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
35411330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
35421330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
35431330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\Windows.Shell.ServiceHostBuilder.dll) WinVerifyTrust
35441330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
35451330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
35461330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
35471330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
35481330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
35491330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
35501330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
35511330.71b8: supR3HardenedDllNotificationCallback: load 00007ff84d780000 LB 0x0001c000 C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll [fFlags=0x0]
35521330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\Windows.Shell.ServiceHostBuilder.dll
35531330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84d780000 'C:\Windows\System32\Windows.Shell.ServiceHostBuilder.dll'
35541330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35551330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35561330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35571330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
35581330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'combase.dll'.
35591330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\OneCoreUAPCommonProxyStub.dll) WinVerifyTrust
35601330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\OneCoreUAPCommonProxyStub.dll
35611330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
35621330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
35631330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
35641330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
35651330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
35661330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35671330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35681330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\OneCoreUAPCommonProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
35691330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\OneCoreUAPCommonProxyStub.dll
35701330.71b8: supR3HardenedDllNotificationCallback: load 00007ff85d790000 LB 0x00816000 C:\Windows\System32\OneCoreUAPCommonProxyStub.dll [fFlags=0x0]
35711330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\OneCoreUAPCommonProxyStub.dll
35721330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff85d790000 'C:\Windows\System32\OneCoreUAPCommonProxyStub.dll'
35731330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35741330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35751330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35761330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'windows.storage.dll'.
35771330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
35781330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'msvcp110_win.dll'.
35791330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\Windows.System.Launcher.dll) WinVerifyTrust
35801330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Windows.System.Launcher.dll
35811330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp110_win.dll'...
35821330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp110_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp110_win.dll' [rcNtRedir=0xc0150008]
35831330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
35841330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
35851330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
35861330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp110_win.dll) WinVerifyTrust
35871330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp110_win.dll
35881330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
35891330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
35901330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
35911330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'windows.storage.dll'...
35921330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'windows.storage.dll' -> '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll' [rcNtRedir=0xc0150008]
35931330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
35941330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35951330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35961330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
35971330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
35981330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\Windows.System.Launcher.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
35991330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\Windows.System.Launcher.dll
36001330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp110_win.dll
36011330.71b8: supR3HardenedDllNotificationCallback: load 00007ff8619b0000 LB 0x00092000 C:\Windows\System32\msvcp110_win.dll [fFlags=0x0]
36021330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp110_win.dll
36031330.71b8: supR3HardenedDllNotificationCallback: load 00007ff8574f0000 LB 0x0013b000 C:\Windows\System32\Windows.System.Launcher.dll [fFlags=0x0]
36041330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\Windows.System.Launcher.dll
36051330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8574f0000 'C:\Windows\System32\Windows.System.Launcher.dll'
36061330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryCore.dll)
36071330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryCore.dll
36081330.71b8: supR3HardenedDllNotificationCallback: load 00007ff85d290000 LB 0x0001b000 C:\windows\SYSTEM32\windows.staterepositorycore.dll [fFlags=0x0]
36091330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryCore.dll [avoiding WinVerifyTrust]
36101330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'shlwapi.dll'.
36111330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
36121330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'advapi32.dll'.
36131330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
36141330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'user32.dll'.
36151330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ole32.dll'.
36161330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'oleaut32.dll'.
36171330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'shell32.dll'.
36181330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'iertutil.dll'.
36191330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
36201330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'netapi32.dll'.
36211330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'version.dll'.
36221330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'userenv.dll'.
36231330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'winhttp.dll'.
36241330.71b8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\ieframe.dll)
36251330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ieframe.dll
36261330.71b8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000013bc (hFile=000000000000122c) with 0xc0000022 -> STATUS_TRUST_FAILURE
36271330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000012ec pwszName=\Device\HarddiskVolume3\Windows\System32\ieframe.dll
36281330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
36291330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
36301330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=1BF3516A7DA69834A0DB8F81E2707EBB5C75BCF4
36311330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winhttp.dll'...
36321330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winhttp.dll' -> '\Device\HarddiskVolume3\Windows\System32\winhttp.dll' [rcNtRedir=0xc0150008]
36331330.71b8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\winhttp.dll'.
36341330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winhttp.dll)
36351330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winhttp.dll
36361330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
36371330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume3\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
36381330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
36391330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
36401330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume3\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
36411330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
36421330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netapi32.dll'...
36431330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'netapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\netapi32.dll' [rcNtRedir=0xc0150008]
36441330.71b8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'.
36451330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
36461330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\netapi32.dll)
36471330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\netapi32.dll
36481330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
36491330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
36501330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iertutil.dll'...
36511330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'iertutil.dll' -> '\Device\HarddiskVolume3\Windows\System32\iertutil.dll' [rcNtRedir=0xc0150008]
36521330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\iertutil.dll
36531330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
36541330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
36551330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
36561330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
36571330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
36581330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
36591330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
36601330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
36611330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
36621330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
36631330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
36641330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
36651330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36661330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
36671330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
36681330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
36691330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
36701330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
36711330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
36721330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
36731330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
36741330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-InternetExplorer-Required-Package~31bf3856ad364e35~amd64~~11.0.22000.832.cat'; file='\Device\HarddiskVolume3\Windows\System32\ieframe.dll'
36751330.71b8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
36761330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ieframe.dll'
36771330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
36781330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
36791330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryCore.dll'
36801330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
36811330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
36821330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
36831330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
36841330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\netapi32.dll'
36851330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
36861330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
36871330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\winhttp.dll'
36881330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ieframe.dll
36891330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ieframe.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
36901330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ieframe.dll
36911330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netapi32.dll
36921330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winhttp.dll
36931330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
36941330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wkscli.dll)
36951330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wkscli.dll
36961330.71b8: supR3HardenedDllNotificationCallback: load 00007ff854720000 LB 0x0001a000 C:\Windows\System32\NETAPI32.dll [fFlags=0x0]
36971330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netapi32.dll
36981330.71b8: supR3HardenedDllNotificationCallback: load 00007ff860390000 LB 0x0010c000 C:\Windows\System32\WINHTTP.dll [fFlags=0x0]
36991330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winhttp.dll
37001330.71b8: supR3HardenedDllNotificationCallback: load 00007ff85f500000 LB 0x0001a000 C:\Windows\System32\WKSCLI.DLL [fFlags=0x0]
37011330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wkscli.dll [avoiding WinVerifyTrust]
37021330.71b8: supR3HardenedDllNotificationCallback: load 00007ff80cac0000 LB 0x007cc000 C:\Windows\System32\ieframe.dll [fFlags=0x0]
37031330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ieframe.dll
37041330.71b8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\wkscli.dll'.
37051330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\wkscli.dll' [rescheduled]
37061330.71b8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll'.
37071330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37081330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
37091330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'user32.dll'.
37101330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll)
37111330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll
37121330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
37131330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
37141330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
37151330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
37161330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37171330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
37181330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
37191330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
37201330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll (Input=comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000004001:<flags> [calling]
37211330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll [avoiding WinVerifyTrust]
37221330.71b8: supR3HardenedDllNotificationCallback: load 00007ff847930000 LB 0x002a5000 C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll [fFlags=0x0]
37231330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll [avoiding WinVerifyTrust]
37241330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff847930000 'C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll'
37251330.71b8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll'.
37261330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll' [rescheduled]
37271330.71b8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\wkscli.dll'.
37281330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\wkscli.dll' [rescheduled]
37291330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff80cac0000 'C:\Windows\System32\ieframe.dll'
37301330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
37311330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
37321330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll'
37331330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
37341330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
37351330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wkscli.dll'
37361330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
37371330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\PROPSYS.dll (Input=PROPSYS.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
37381330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff864510000 'C:\windows\System32\PROPSYS.dll'
37391330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
37401330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\propsys.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
37411330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff864510000 'C:\windows\system32\propsys.dll'
37421330.71b8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-downlevel-ole32-l1-1-0.dll) -> 0x0, fPresent=1
37431330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-downlevel-ole32-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
37441330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868f30000 'api-ms-win-downlevel-ole32-l1-1-0.dll'
37451330.385c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
37461330.385c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
37471330.385c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37481330.385c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
37491330.385c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryPS.dll) WinVerifyTrust
37501330.385c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryPS.dll
37511330.385c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
37521330.385c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
37531330.385c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37541330.385c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
37551330.385c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\\Windows.StateRepositoryPS.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
37561330.385c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryPS.dll
37571330.385c: supR3HardenedDllNotificationCallback: load 00007ff84d8f0000 LB 0x00134000 C:\Windows\System32\Windows.StateRepositoryPS.dll [fFlags=0x0]
37581330.385c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryPS.dll
37591330.385c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84d8f0000 'C:\Windows\System32\\Windows.StateRepositoryPS.dll'
37601330.385c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37611330.385c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
37621330.385c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryClient.dll)
37631330.385c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryClient.dll
37641330.385c: supR3HardenedDllNotificationCallback: load 00007ff8574b0000 LB 0x0003e000 C:\windows\SYSTEM32\windows.staterepositoryclient.dll [fFlags=0x0]
37651330.385c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryClient.dll [avoiding WinVerifyTrust]
37661330.385c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
37671330.385c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
37681330.385c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
37691330.385c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37701330.385c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
37711330.385c: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
37721330.385c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
37731330.385c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
37741330.385c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\Windows.StateRepositoryClient.dll'
37751330.385c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
37761330.385c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WinTypes.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
37771330.385c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff864800000 'C:\Windows\System32\WinTypes.dll'
37781330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37791330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'vaultcli.dll'.
37801330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
37811330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'oleaut32.dll'.
37821330.71b8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\edputil.dll)
37831330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\edputil.dll
37841330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
37851330.71b8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\vaultcli.dll)
37861330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vaultcli.dll
37871330.71b8: supR3HardenedDllNotificationCallback: load 00007ff8584e0000 LB 0x00059000 C:\windows\SYSTEM32\VAULTCLI.dll [fFlags=0x0]
37881330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\vaultcli.dll [avoiding WinVerifyTrust]
37891330.71b8: supR3HardenedDllNotificationCallback: load 00007ff83f710000 LB 0x00026000 C:\windows\SYSTEM32\edputil.dll [fFlags=0x0]
37901330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\edputil.dll [avoiding WinVerifyTrust]
37911330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000131c pwszName=\Device\HarddiskVolume3\Windows\System32\vaultcli.dll
37921330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
37931330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
37941330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E9739D24B7306256973C0391003DB835E1752255
37951330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
37961330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
37971330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
37981330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
37991330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
38001330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
38011330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vaultcli.dll'...
38021330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vaultcli.dll' -> '\Device\HarddiskVolume3\Windows\System32\vaultcli.dll' [rcNtRedir=0xc0150008]
38031330.71b8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\vaultcli.dll [lacks WinVerifyTrust]
38041330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
38051330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
38061330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
38071330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
38081330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
38091330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-SecurityVault-Package~31bf3856ad364e35~amd64~~10.0.22000.613.cat'; file='\Device\HarddiskVolume3\Windows\System32\vaultcli.dll'
38101330.71b8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
38111330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\vaultcli.dll'
38121330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001298 pwszName=\Device\HarddiskVolume3\Windows\System32\edputil.dll
38131330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
38141330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
38151330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D61B9A6CCE7D2628EE13D6BAEF65EEAB0AA233B6
38161330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
38171330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
38181330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0417~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\edputil.dll'
38191330.71b8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
38201330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\edputil.dll'
38211330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001340 pwszName=\Device\HarddiskVolume3\Windows\System32\secur32.dll
38221330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
38231330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
38241330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=77113CFF274F38D059C5BB04B30BA83A5A1B61DF
38251330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
38261330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
38271330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04111~31bf3856ad364e35~amd64~~10.0.22000.832.cat'; file='\Device\HarddiskVolume3\Windows\System32\secur32.dll'
38281330.71b8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
38291330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\secur32.dll) WinVerifyTrust
38301330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\secur32.dll
38311330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\Secur32.dll (Input=Secur32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38321330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\secur32.dll
38331330.71b8: supR3HardenedDllNotificationCallback: load 00007ff8584a0000 LB 0x0000c000 C:\windows\System32\Secur32.dll [fFlags=0x0]
38341330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\secur32.dll
38351330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8584a0000 'C:\windows\System32\Secur32.dll'
38361330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
38371330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sspicli.dll)
38381330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sspicli.dll
38391330.71b8: supR3HardenedDllNotificationCallback: load 00007ff865bd0000 LB 0x00042000 C:\windows\SYSTEM32\SSPICLI.DLL [fFlags=0x0]
38401330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sspicli.dll [avoiding WinVerifyTrust]
38411330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
38421330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
38431330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
38441330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
38451330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sspicli.dll'
38461330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sspicli.dll
38471330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\sspicli.dll (Input=sspicli.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
38481330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff865bd0000 'C:\windows\System32\sspicli.dll'
38491330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b58 pwszName=\Device\HarddiskVolume3\Windows\System32\mlang.dll
38501330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
38511330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
38521330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=577D461542BA5FDE630A7ADAB5FAAE3B2951D03B
38531330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
38541330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
38551330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04110~31bf3856ad364e35~amd64~~10.0.22000.469.cat'; file='\Device\HarddiskVolume3\Windows\System32\mlang.dll'
38561330.71b8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
38571330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
38581330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mlang.dll) WinVerifyTrust
38591330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mlang.dll
38601330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
38611330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
38621330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\MLANG.dll (Input=MLANG.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38631330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mlang.dll
38641330.71b8: supR3HardenedDllNotificationCallback: load 00007ff831fd0000 LB 0x00042000 C:\windows\System32\MLANG.dll [fFlags=0x0]
38651330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mlang.dll
38661330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fd0000 'C:\windows\System32\MLANG.dll'
38671330.71b8: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-downlevel-shlwapi-l2-1-0.dll) -> 0x0, fPresent=1
38681330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-downlevel-shlwapi-l2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38691330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868c90000 'api-ms-win-downlevel-shlwapi-l2-1-0.dll'
38701330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
38711330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
38721330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
38731330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wininet.dll) WinVerifyTrust
38741330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wininet.dll
38751330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
38761330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
38771330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\WININET.dll (Input=WININET.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
38781330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wininet.dll
38791330.71b8: supR3HardenedDllNotificationCallback: load 00007ff84d130000 LB 0x004fa000 C:\windows\System32\WININET.dll [fFlags=0x0]
38801330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wininet.dll
38811330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84d130000 'C:\windows\System32\WININET.dll'
38821330.48a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wininet.dll
38831330.48a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\wininet.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
38841330.48a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84d130000 'C:\windows\system32\wininet.dll'
38851330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868f30000 'C:\windows\System32\combase.dll'
38861330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
38871330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\windows.storage.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
38881330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff864970000 'C:\Windows\System32\windows.storage.dll'
38891330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\apphelp.dll)
38901330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\apphelp.dll
38911330.71b8: supR3HardenedDllNotificationCallback: load 00007ff8639f0000 LB 0x00091000 C:\windows\SYSTEM32\apphelp.dll [fFlags=0x0]
38921330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll [avoiding WinVerifyTrust]
38931330.71b8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\apphelp.dll'.
38941330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\apphelp.dll' [rescheduled]
38951330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdll.dll
38961330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
38971330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff869360000 'C:\windows\System32\ntdll.dll'
38981330.71b8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\apphelp.dll'.
38991330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\apphelp.dll' [rescheduled]
39001330.71b8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\apphelp.dll'.
39011330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\apphelp.dll' [rescheduled]
39021330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdll.dll
39031330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
39041330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff869360000 'C:\windows\System32\ntdll.dll'
39051330.71b8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\apphelp.dll'.
39061330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\apphelp.dll' [rescheduled]
39071330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
39081330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
39091330.71b8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\apphelp.dll'
39101330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000013a4 pwszName=\Device\HarddiskVolume3\Windows\System32\OneCoreCommonProxyStub.dll
39111330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000019cf8e0
39121330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000019cf8e0
39131330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=95A3E309562049E9A76DEB150B72C02E4A5C398E
39141330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
39151330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
39161330.71b8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.22000.856.cat'; file='\Device\HarddiskVolume3\Windows\System32\OneCoreCommonProxyStub.dll'
39171330.71b8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
39181330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
39191330.71b8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
39201330.71b8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\OneCoreCommonProxyStub.dll) WinVerifyTrust
39211330.71b8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\OneCoreCommonProxyStub.dll
39221330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
39231330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
39241330.71b8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
39251330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
39261330.71b8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
39271330.71b8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\OneCoreCommonProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
39281330.71b8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\OneCoreCommonProxyStub.dll
39291330.71b8: supR3HardenedDllNotificationCallback: load 00007ff84cfd0000 LB 0x000d3000 C:\Windows\System32\OneCoreCommonProxyStub.dll [fFlags=0x0]
39301330.71b8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\OneCoreCommonProxyStub.dll
39311330.71b8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84cfd0000 'C:\Windows\System32\OneCoreCommonProxyStub.dll'
39321330.71b8: supR3HardenedDllNotificationCallback: Unload 00007ff80cac0000 LB 0x007cc000 C:\Windows\System32\ieframe.dll [flags=0x0]
39331330.71b8: supR3HardenedDllNotificationCallback: Unload 00007ff854720000 LB 0x0001a000 C:\Windows\System32\NETAPI32.dll [flags=0x0]
39341330.71b8: supR3HardenedDllNotificationCallback: Unload 00007ff860390000 LB 0x0010c000 C:\Windows\System32\WINHTTP.dll [flags=0x0]
39351330.71b8: supR3HardenedDllNotificationCallback: Unload 00007ff85f500000 LB 0x0001a000 C:\Windows\System32\WKSCLI.DLL [flags=0x0]
39361330.1230: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ieframe.dll
39371330.1230: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 000000000000133c (hFile=000000000000128c) with 0xc0000022 -> STATUS_TRUST_FAILURE
39381330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ieframe.dll
39391330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ieframe.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
39401330.1230: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ieframe.dll
39411330.1230: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netapi32.dll
39421330.1230: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winhttp.dll
39431330.1230: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wkscli.dll
39441330.1230: supR3HardenedDllNotificationCallback: load 00007ff854720000 LB 0x0001a000 C:\Windows\System32\NETAPI32.dll [fFlags=0x0]
39451330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\netapi32.dll
39461330.1230: supR3HardenedDllNotificationCallback: load 00007ff860390000 LB 0x0010c000 C:\Windows\System32\WINHTTP.dll [fFlags=0x0]
39471330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winhttp.dll
39481330.1230: supR3HardenedDllNotificationCallback: load 00007ff85f500000 LB 0x0001a000 C:\Windows\System32\WKSCLI.DLL [fFlags=0x0]
39491330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wkscli.dll
39501330.1230: supR3HardenedDllNotificationCallback: load 00007ff80cac0000 LB 0x007cc000 C:\Windows\System32\ieframe.dll [fFlags=0x0]
39511330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ieframe.dll
39521330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll
39531330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll (Input=comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000004001:<flags> [calling]
39541330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff847930000 'C:\windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.22000.120_none_9d947278b86cc467\comctl32.dll'
39551330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff80cac0000 'C:\Windows\System32\ieframe.dll'
39561330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\propsys.dll
39571330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\PROPSYS.dll (Input=PROPSYS.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
39581330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff864510000 'C:\windows\System32\PROPSYS.dll'
39591330.1230: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-downlevel-ole32-l1-1-0.dll) -> 0x0, fPresent=1
39601330.1230: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-downlevel-ole32-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
39611330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868f30000 'api-ms-win-downlevel-ole32-l1-1-0.dll'
39621330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\secur32.dll
39631330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\Secur32.dll (Input=Secur32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
39641330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8584a0000 'C:\windows\System32\Secur32.dll'
39651330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mlang.dll
39661330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\MLANG.dll (Input=MLANG.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
39671330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff831fd0000 'C:\windows\System32\MLANG.dll'
39681330.1230: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-downlevel-shlwapi-l2-1-0.dll) -> 0x0, fPresent=1
39691330.1230: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-downlevel-shlwapi-l2-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
39701330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff868c90000 'api-ms-win-downlevel-shlwapi-l2-1-0.dll'
39711330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wininet.dll
39721330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\WININET.dll (Input=WININET.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
39731330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff84d130000 'C:\windows\System32\WININET.dll'
39741330.1230: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp110_win.dll'.
39751330.1230: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
39761330.1230: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\policymanager.dll)
39771330.1230: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\policymanager.dll
39781330.1230: supR3HardenedDllNotificationCallback: load 00007ff861b50000 LB 0x000a1000 C:\windows\SYSTEM32\policymanager.dll [fFlags=0x0]
39791330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\policymanager.dll [avoiding WinVerifyTrust]
39801330.1230: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
39811330.1230: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
39821330.1230: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp110_win.dll'...
39831330.1230: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp110_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp110_win.dll' [rcNtRedir=0xc0150008]
39841330.1230: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp110_win.dll
39851330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
39861330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
39871330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
39881330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff867180000 'C:\windows\System32\WINTRUST.DLL'
39891330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\CRYPT32.dll'
39901330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
39911330.1230: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\policymanager.dll'
39921330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
39931330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\windows.storage.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
39941330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff864970000 'C:\windows\system32\windows.storage.dll'
39951330.1230: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msedge_elf.dll'.
39961330.1230: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe)
39971330.1230: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
39981330.1230: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001170 (hFile=0000000000001470) with 0xc0000022 -> STATUS_TRUST_FAILURE
39991330.1230: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msedge_elf.dll'...
40001330.1230: supR3HardenedWinVerifyCacheProcessImportTodos: Failed to locate 'msedge_elf.dll'
40011330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8658e0000 'C:\windows\system32\rsaenh.dll'
40021330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866840000 'C:\windows\System32\crypt32.dll'
40031330.1230: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files (x86)\Microsoft\Edge\Application\msedge.exe'
40041330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
40051330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\wintypes.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
40061330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff864800000 'C:\Windows\System32\wintypes.dll'
40071330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ntdll.dll
40081330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
40091330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff869360000 'C:\windows\System32\ntdll.dll'
40101330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
40111330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\System32\KernelBase.dll (Input=KernelBase, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
40121330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff866cc0000 'C:\windows\System32\KernelBase.dll'
40131330.1230: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\apphelp.dll
40141330.1230: supR3HardenedMonitor_LdrLoadDll: pName=C:\windows\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
40151330.1230: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff8639f0000 'C:\windows\system32\apphelp.dll'
40161330.1230: supR3HardenedDllNotificationCallback: Unload 00007ff80cac0000 LB 0x007cc000 C:\Windows\System32\ieframe.dll [flags=0x0]
40171330.1230: supR3HardenedDllNotificationCallback: Unload 00007ff854720000 LB 0x0001a000 C:\Windows\System32\NETAPI32.dll [flags=0x0]
40181330.1230: supR3HardenedDllNotificationCallback: Unload 00007ff860390000 LB 0x0010c000 C:\Windows\System32\WINHTTP.dll [flags=0x0]
40191330.1230: supR3HardenedDllNotificationCallback: Unload 00007ff85f500000 LB 0x0001a000 C:\Windows\System32\WKSCLI.DLL [flags=0x0]

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy