VirtualBox

Ticket #21271: WinXP-2022-11-15-17-24-35.log

File WinXP-2022-11-15-17-24-35.log, 349.1 KB (added by SergeB, 23 months ago)
Line 
116ec.40e0: Log file opened: 6.1.40r154048 g_hStartupLog=000000000000009c g_uNtVerCombined=0xa04a6500
216ec.40e0: \SystemRoot\System32\ntdll.dll:
316ec.40e0: CreationTime: 2022-10-12T09:29:37.470806700Z
416ec.40e0: LastWriteTime: 2022-10-12T09:29:37.501062700Z
516ec.40e0: ChangeTime: 2022-11-09T08:56:56.308945900Z
616ec.40e0: FileAttributes: 0x20
716ec.40e0: Size: 0x1ef5b8
816ec.40e0: NT Headers: 0xe8
916ec.40e0: Timestamp: 0xb5ced1c6
1016ec.40e0: Machine: 0x8664 - amd64
1116ec.40e0: Timestamp: 0xb5ced1c6
1216ec.40e0: Image Version: 10.0
1316ec.40e0: SizeOfImage: 0x1f8000 (2064384)
1416ec.40e0: Resource Dir: 0x186000 LB 0x700a0
1516ec.40e0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
1616ec.40e0: [Raw version resource data: 0x1860f0 LB 0x380, codepage 0x0 (reserved 0x0)]
1716ec.40e0: ProductName: Microsoft® Windows® Operating System
1816ec.40e0: ProductVersion: 10.0.19041.2130
1916ec.40e0: FileVersion: 10.0.19041.2130 (WinBuild.160101.0800)
2016ec.40e0: FileDescription: NT Layer DLL
2116ec.40e0: \SystemRoot\System32\kernel32.dll:
2216ec.40e0: CreationTime: 2022-11-09T08:56:24.017546400Z
2316ec.40e0: LastWriteTime: 2022-11-09T08:56:24.031210200Z
2416ec.40e0: ChangeTime: 2022-11-09T16:12:46.008741900Z
2516ec.40e0: FileAttributes: 0x20
2616ec.40e0: Size: 0xbc890
2716ec.40e0: NT Headers: 0xf8
2816ec.40e0: Timestamp: 0x73bb7c6b
2916ec.40e0: Machine: 0x8664 - amd64
3016ec.40e0: Timestamp: 0x73bb7c6b
3116ec.40e0: Image Version: 10.0
3216ec.40e0: SizeOfImage: 0xbf000 (782336)
3316ec.40e0: Resource Dir: 0xbd000 LB 0x520
3416ec.40e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
3516ec.40e0: [Raw version resource data: 0xbd0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
3616ec.40e0: ProductName: Microsoft® Windows® Operating System
3716ec.40e0: ProductVersion: 10.0.19041.2251
3816ec.40e0: FileVersion: 10.0.19041.2251 (WinBuild.160101.0800)
3916ec.40e0: FileDescription: Windows NT BASE API Client DLL
4016ec.40e0: \SystemRoot\System32\KernelBase.dll:
4116ec.40e0: CreationTime: 2022-11-09T08:56:21.651724300Z
4216ec.40e0: LastWriteTime: 2022-11-09T08:56:21.706379300Z
4316ec.40e0: ChangeTime: 2022-11-09T16:12:50.873731200Z
4416ec.40e0: FileAttributes: 0x20
4516ec.40e0: Size: 0x2d3ce8
4616ec.40e0: NT Headers: 0xf0
4716ec.40e0: Timestamp: 0x7f7062e1
4816ec.40e0: Machine: 0x8664 - amd64
4916ec.40e0: Timestamp: 0x7f7062e1
5016ec.40e0: Image Version: 10.0
5116ec.40e0: SizeOfImage: 0x2d2000 (2957312)
5216ec.40e0: Resource Dir: 0x2a8000 LB 0x548
5316ec.40e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
5416ec.40e0: [Raw version resource data: 0x2a80b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
5516ec.40e0: ProductName: Microsoft® Windows® Operating System
5616ec.40e0: ProductVersion: 10.0.19041.2193
5716ec.40e0: FileVersion: 10.0.19041.2193 (WinBuild.160101.0800)
5816ec.40e0: FileDescription: Windows NT BASE API Client DLL
5916ec.40e0: \SystemRoot\System32\apisetschema.dll:
6016ec.40e0: CreationTime: 2019-12-07T09:08:13.518339400Z
6116ec.40e0: LastWriteTime: 2019-12-07T09:08:13.518339400Z
6216ec.40e0: ChangeTime: 2022-11-09T08:56:56.230867300Z
6316ec.40e0: FileAttributes: 0x20
6416ec.40e0: Size: 0x1f538
6516ec.40e0: NT Headers: 0xd0
6616ec.40e0: Timestamp: 0x31288ce0
6716ec.40e0: Machine: 0x8664 - amd64
6816ec.40e0: Timestamp: 0x31288ce0
6916ec.40e0: Image Version: 10.0
7016ec.40e0: SizeOfImage: 0x20000 (131072)
7116ec.40e0: Resource Dir: 0x1f000 LB 0x408
7216ec.40e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
7316ec.40e0: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
7416ec.40e0: ProductName: Microsoft® Windows® Operating System
7516ec.40e0: ProductVersion: 10.0.19041.1
7616ec.40e0: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
7716ec.40e0: FileDescription: ApiSet Schema DLL
7816ec.40e0: supR3HardenedWinFindAdversaries: 0x0
7916ec.40e0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
8016ec.40e0: Calling main()
8116ec.40e0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
8216ec.40e0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
8316ec.40e0: SUPR3HardenedMain: Respawn #1
8416ec.40e0: System32: \Device\HarddiskVolume8\Windows\System32
8516ec.40e0: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
8616ec.40e0: KnownDllPath: C:\WINDOWS\System32
8716ec.40e0: supR3HardenedWinInit: Performing a limited self purification...
8816ec.40e0: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
8916ec.40e0: *0000000000000000-000000000034ffff 0x0001/0x0000 0x0000000
9016ec.40e0: *0000000000350000-0000000000350fff 0x0002/0x0002 0x0040000
9116ec.40e0: 0000000000351000-000000000035ffff 0x0001/0x0000 0x0000000
9216ec.40e0: *0000000000360000-0000000000360fff 0x0002/0x0002 0x0040000
9316ec.40e0: 0000000000361000-000000000036ffff 0x0001/0x0000 0x0000000
9416ec.40e0: *0000000000370000-000000000038cfff 0x0002/0x0002 0x0040000
9516ec.40e0: 000000000038d000-000000000038ffff 0x0001/0x0000 0x0000000
9616ec.40e0: *0000000000390000-0000000000393fff 0x0002/0x0002 0x0040000
9716ec.40e0: 0000000000394000-000000000039ffff 0x0001/0x0000 0x0000000
9816ec.40e0: *00000000003a0000-00000000003a1fff 0x0004/0x0004 0x0020000
9916ec.40e0: 00000000003a2000-00000000003affff 0x0001/0x0000 0x0000000
10016ec.40e0: *00000000003b0000-00000000003b0fff 0x0002/0x0002 0x0040000
10116ec.40e0: 00000000003b1000-00000000003bffff 0x0001/0x0000 0x0000000
10216ec.40e0: *00000000003c0000-00000000003cffff 0x0004/0x0004 0x0040000
10316ec.40e0: 00000000003d0000-00000000003fffff 0x0001/0x0000 0x0000000
10416ec.40e0: *0000000000400000-0000000000459fff 0x0000/0x0004 0x0020000
10516ec.40e0: 000000000045a000-000000000045cfff 0x0004/0x0004 0x0020000
10616ec.40e0: 000000000045d000-00000000005fffff 0x0000/0x0004 0x0020000
10716ec.40e0: *0000000000600000-00000000006b8fff 0x0000/0x0004 0x0020000
10816ec.40e0: 00000000006b9000-00000000006bbfff 0x0104/0x0004 0x0020000
10916ec.40e0: 00000000006bc000-00000000006fffff 0x0004/0x0004 0x0020000
11016ec.40e0: *0000000000700000-00000000007c8fff 0x0002/0x0002 0x0040000
11116ec.40e0: 00000000007c9000-00000000007cffff 0x0001/0x0000 0x0000000
11216ec.40e0: *00000000007d0000-00000000007d0fff 0x0004/0x0004 0x0020000
11316ec.40e0: 00000000007d1000-0000000000801fff 0x0000/0x0004 0x0020000
11416ec.40e0: 0000000000802000-000000000080ffff 0x0001/0x0000 0x0000000
11516ec.40e0: *0000000000810000-0000000000811fff 0x0004/0x0004 0x0020000
11616ec.40e0: 0000000000812000-0000000000841fff 0x0000/0x0004 0x0020000
11716ec.40e0: 0000000000842000-000000000087ffff 0x0001/0x0000 0x0000000
11816ec.40e0: *0000000000880000-000000000088efff 0x0004/0x0004 0x0020000
11916ec.40e0: 000000000088f000-000000000097ffff 0x0000/0x0004 0x0020000
12016ec.40e0: 0000000000980000-0000000000a0ffff 0x0001/0x0000 0x0000000
12116ec.40e0: *0000000000a10000-0000000000a1efff 0x0004/0x0004 0x0020000
12216ec.40e0: 0000000000a1f000-0000000000a1ffff 0x0000/0x0004 0x0020000
12316ec.40e0: *0000000000a20000-0000000000a26fff 0x0000/0x0004 0x0020000
12416ec.40e0: 0000000000a27000-0000000000c1ffff 0x0004/0x0004 0x0020000
12516ec.40e0: 0000000000c20000-0000000000c20fff 0x0000/0x0004 0x0020000
12616ec.40e0: 0000000000c21000-0000000000c2ffff 0x0001/0x0000 0x0000000
12716ec.40e0: *0000000000c30000-0000000000c5bfff 0x0004/0x0004 0x0020000
12816ec.40e0: 0000000000c5c000-0000000000d2ffff 0x0000/0x0004 0x0020000
12916ec.40e0: 0000000000d30000-000000007ffdffff 0x0001/0x0000 0x0000000
13016ec.40e0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
13116ec.40e0: 000000007ffe1000-000000007ffedfff 0x0001/0x0000 0x0000000
13216ec.40e0: *000000007ffee000-000000007ffeefff 0x0002/0x0002 0x0020000
13316ec.40e0: 000000007ffef000-00007ff47becffff 0x0001/0x0000 0x0000000
13416ec.40e0: *00007ff47bed0000-00007ff47bed4fff 0x0002/0x0002 0x0040000
13516ec.40e0: 00007ff47bed5000-00007ff47bfcffff 0x0000/0x0002 0x0040000
13616ec.40e0: *00007ff47bfd0000-00007ff57bfeffff 0x0000/0x0004 0x0020000
13716ec.40e0: *00007ff57bff0000-00007ff57dfeffff 0x0000/0x0004 0x0020000
13816ec.40e0: 00007ff57dff0000-00007ff57dff0fff 0x0004/0x0004 0x0020000
13916ec.40e0: 00007ff57dff1000-00007ff57dffffff 0x0001/0x0000 0x0000000
14016ec.40e0: *00007ff57e000000-00007ff57e000fff 0x0002/0x0002 0x0040000
14116ec.40e0: 00007ff57e001000-00007ff57e00ffff 0x0001/0x0000 0x0000000
14216ec.40e0: *00007ff57e010000-00007ff57e032fff 0x0002/0x0002 0x0040000
14316ec.40e0: 00007ff57e033000-00007ff6d862ffff 0x0001/0x0000 0x0000000
14416ec.40e0: *00007ff6d8630000-00007ff6d8630fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14516ec.40e0: 00007ff6d8631000-00007ff6d86a8fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14616ec.40e0: 00007ff6d86a9000-00007ff6d86a9fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14716ec.40e0: 00007ff6d86aa000-00007ff6d86f3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14816ec.40e0: 00007ff6d86f4000-00007ff6d86f6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
14916ec.40e0: 00007ff6d86f7000-00007ff6d86f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
15016ec.40e0: 00007ff6d86fa000-00007ff6d86fcfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
15116ec.40e0: 00007ff6d86fd000-00007ff6d86fdfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
15216ec.40e0: 00007ff6d86fe000-00007ff6d86fffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
15316ec.40e0: 00007ff6d8700000-00007ff6d8700fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
15416ec.40e0: 00007ff6d8701000-00007ff6d8749fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
15516ec.40e0: 00007ff6d874a000-00007ffff4e0ffff 0x0001/0x0000 0x0000000
15616ec.40e0: *00007ffff4e10000-00007ffff4e10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
15716ec.40e0: 00007ffff4e11000-00007ffff4e5ffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
15816ec.40e0: 00007ffff4e60000-00007ffff4e81fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
15916ec.40e0: 00007ffff4e82000-00007ffff4e84fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
16016ec.40e0: 00007ffff4e85000-00007ffff4ea0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\apphelp.dll
16116ec.40e0: 00007ffff4ea1000-00007ffff7e0ffff 0x0001/0x0000 0x0000000
16216ec.40e0: *00007ffff7e10000-00007ffff7e10fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
16316ec.40e0: 00007ffff7e11000-00007ffff7f25fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
16416ec.40e0: 00007ffff7f26000-00007ffff80a2fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
16516ec.40e0: 00007ffff80a3000-00007ffff80a6fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
16616ec.40e0: 00007ffff80a7000-00007ffff80a7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
16716ec.40e0: 00007ffff80a8000-00007ffff80e1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
16816ec.40e0: 00007ffff80e2000-00007ffff837ffff 0x0001/0x0000 0x0000000
16916ec.40e0: *00007ffff8380000-00007ffff8380fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
17016ec.40e0: 00007ffff8381000-00007ffff83fffff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
17116ec.40e0: 00007ffff8400000-00007ffff8433fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
17216ec.40e0: 00007ffff8434000-00007ffff8434fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
17316ec.40e0: 00007ffff8435000-00007ffff8435fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
17416ec.40e0: 00007ffff8436000-00007ffff843efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
17516ec.40e0: 00007ffff843f000-00007ffffa32ffff 0x0001/0x0000 0x0000000
17616ec.40e0: *00007ffffa330000-00007ffffa330fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
17716ec.40e0: 00007ffffa331000-00007ffffa44cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
17816ec.40e0: 00007ffffa44d000-00007ffffa495fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
17916ec.40e0: 00007ffffa496000-00007ffffa496fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
18016ec.40e0: 00007ffffa497000-00007ffffa498fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
18116ec.40e0: 00007ffffa499000-00007ffffa4a1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
18216ec.40e0: 00007ffffa4a2000-00007ffffa527fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
18316ec.40e0: 00007ffffa528000-00007ffffffeffff 0x0001/0x0000 0x0000000
18416ec.40e0: kernel32.dll: timestamp 0x73bb7c6b (rc=VINF_SUCCESS)
18516ec.40e0: kernelbase.dll: timestamp 0x7f7062e1 (rc=VINF_SUCCESS)
18616ec.40e0: apphelp.dll: timestamp 0x6fdd676d (rc=VINF_SUCCESS)
18716ec.40e0: VirtualBoxVM.exe: timestamp 0x63457348 (rc=VINF_SUCCESS)
18816ec.40e0: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
18916ec.40e0: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
19016ec.40e0: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
19116ec.40e0: kernel32.dll: Differences in section #2 (.rdata) between file and memory:
19216ec.40e0: 00007ffff8403748 / 0x0083748: a0 != 30
19316ec.40e0: 00007ffff8403749 / 0x0083749: dc != 32
19416ec.40e0: 00007ffff840374a / 0x008374a: 3c != e5
19516ec.40e0: 00007ffff840374b / 0x008374b: fa != f4
19616ec.40e0: 00007ffff8403b50 / 0x0083b50: 90 != a0
19716ec.40e0: 00007ffff8403b51 / 0x0083b51: d5 != 31
19816ec.40e0: 00007ffff8403b52 / 0x0083b52: 3c != e5
19916ec.40e0: 00007ffff8403b53 / 0x0083b53: fa != f4
20016ec.40e0: 00007ffff8403ce0 / 0x0083ce0: 50 != b0
20116ec.40e0: 00007ffff8403ce1 / 0x0083ce1: db != 2f
20216ec.40e0: 00007ffff8403ce2 / 0x0083ce2: 3c != e5
20316ec.40e0: 00007ffff8403ce3 / 0x0083ce3: fa != f4
20416ec.40e0: Restored 0x2000 bytes of original file content at 00007ffff8402000
20516ec.40e0: kernel32.dll: Differences in section #2 (.rdata) between file and memory:
20616ec.40e0: 00007ffff84040e0 / 0x00840e0: 50 != b0
20716ec.40e0: 00007ffff84040e1 / 0x00840e1: db != 2f
20816ec.40e0: 00007ffff84040e2 / 0x00840e2: 3c != e5
20916ec.40e0: 00007ffff84040e3 / 0x00840e3: fa != f4
21016ec.40e0: Restored 0x2000 bytes of original file content at 00007ffff8404000
21116ec.40e0: kernelbase.dll: Differences in section #2 (.rdata) between file and memory:
21216ec.40e0: 00007ffff7fd6190 / 0x01c6190: 90 != a0
21316ec.40e0: 00007ffff7fd6191 / 0x01c6191: d5 != 31
21416ec.40e0: 00007ffff7fd6192 / 0x01c6192: 3c != e5
21516ec.40e0: 00007ffff7fd6193 / 0x01c6193: fa != f4
21616ec.40e0: 00007ffff7fd61c8 / 0x01c61c8: 50 != b0
21716ec.40e0: 00007ffff7fd61c9 / 0x01c61c9: db != 2f
21816ec.40e0: 00007ffff7fd61ca / 0x01c61ca: 3c != e5
21916ec.40e0: 00007ffff7fd61cb / 0x01c61cb: fa != f4
22016ec.40e0: 00007ffff7fd6300 / 0x01c6300: a0 != 30
22116ec.40e0: 00007ffff7fd6301 / 0x01c6301: dc != 32
22216ec.40e0: 00007ffff7fd6302 / 0x01c6302: 3c != e5
22316ec.40e0: 00007ffff7fd6303 / 0x01c6303: fa != f4
22416ec.40e0: 00007ffff7fd6a88 / 0x01c6a88: a0 != 30
22516ec.40e0: 00007ffff7fd6a89 / 0x01c6a89: dc != 32
22616ec.40e0: 00007ffff7fd6a8a / 0x01c6a8a: 3c != e5
22716ec.40e0: 00007ffff7fd6a8b / 0x01c6a8b: fa != f4
22816ec.40e0: Restored 0x2000 bytes of original file content at 00007ffff7fd6000
22916ec.40e0: apphelp.dll: Differences in section #2 (.rdata) between file and memory:
23016ec.40e0: 00007ffff4e61ea8 / 0x0051ea8: 00 != f0
23116ec.40e0: 00007ffff4e61ea9 / 0x0051ea9: 9d != cd
23216ec.40e0: 00007ffff4e61eaa / 0x0051eaa: e7 != 39
23316ec.40e0: 00007ffff4e61eab / 0x0051eab: f7 != f8
23416ec.40e0: 00007ffff4e61eb0 / 0x0051eb0: 10 != 60
23516ec.40e0: 00007ffff4e61eb1 / 0x0051eb1: ca != 0d
23616ec.40e0: 00007ffff4e61eb2 / 0x0051eb2: e8 != 3a
23716ec.40e0: 00007ffff4e61eb3 / 0x0051eb3: f7 != f8
23816ec.40e0: 00007ffff4e61eb8 / 0x0051eb8: a0 != 80
23916ec.40e0: 00007ffff4e61eb9 / 0x0051eb9: c8 != 4e
24016ec.40e0: 00007ffff4e61eba / 0x0051eba: e4 != 3a
24116ec.40e0: 00007ffff4e61ebb / 0x0051ebb: f7 != f8
24216ec.40e0: 00007ffff4e61ec0 / 0x0051ec0: 60 != 90
24316ec.40e0: 00007ffff4e61ec1 / 0x0051ec1: ef != 4e
24416ec.40e0: 00007ffff4e61ec2 / 0x0051ec2: e6 != 3a
24516ec.40e0: 00007ffff4e61ec3 / 0x0051ec3: f7 != f8
24616ec.40e0: 00007ffff4e61ec8 / 0x0051ec8: b0 != e0
24716ec.40e0: 00007ffff4e61ec9 / 0x0051ec9: 71 != b0
24816ec.40e0: 00007ffff4e61eca / 0x0051eca: e7 != 39
24916ec.40e0: 00007ffff4e61ecb / 0x0051ecb: f7 != f8
25016ec.40e0: 00007ffff4e61ed0 / 0x0051ed0: 30 != d0
25116ec.40e0: 00007ffff4e61ed1 / 0x0051ed1: 53 != 59
25216ec.40e0: 00007ffff4e61ed2 / 0x0051ed2: e5 != 39
25316ec.40e0: 00007ffff4e61ed3 / 0x0051ed3: f7 != f8
25416ec.40e0: 00007ffff4e61ed9 / 0x0051ed9: 73 != d1
25516ec.40e0: 00007ffff4e61eda / 0x0051eda: e1 != 39
25616ec.40e0: 00007ffff4e61edb / 0x0051edb: f7 != f8
25716ec.40e0: 00007ffff4e61ee8 / 0x0051ee8: b0 != f0
25816ec.40e0: 00007ffff4e61ee9 / 0x0051ee9: 06 != b3
25916ec.40e0: 00007ffff4e61eea / 0x0051eea: e4 != 39
26016ec.40e0: 00007ffff4e61eeb / 0x0051eeb: f7 != f8
26116ec.40e0: Restored 0x2000 bytes of original file content at 00007ffff4e60000
26216ec.40e0: supHardNtVpCheckHandles:
26316ec.40e0: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=4
26416ec.40e0: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
26516ec.40e0: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
26616ec.40e0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
26716ec.40e0: supR3HardNtEnableThreadCreationEx:
26816ec.40e0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffffa3a4c10 pvNtTerminateThread=00007ffffa3cdb10
26916ec.40e0: supR3HardenedWinDoReSpawn(1): New child 20cc.2904 [kernel32].
27016ec.40e0: supR3HardNtChildGatherData: PebBaseAddress=00000000011fe000 cbPeb=0x388
27116ec.40e0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffffa330000 uNtDllChildAddr=00007ffffa330000
27216ec.40e0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffffa3a4c10
27316ec.40e0: supR3HardenedWinSetupChildInit: Initial context:
274 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6d8637900 rdx=00000000011fe000
275 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
276 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
277 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
278 rip=00007ffffa382680 rsp=0000000000f7faf8 rbp=0000000000000000 ctxflags=0010001b
279 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
280 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
281 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
282 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
283 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
28416ec.40e0: supR3HardenedWinSetupChildInit: Start child.
28516ec.40e0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
28616ec.40e0: supR3HardNtChildPurify: Startup delay kludge #1/0: 260 ms, 16 sleeps
28716ec.40e0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
28816ec.40e0: *0000000000000000-0000000000e3ffff 0x0001/0x0000 0x0000000
28916ec.40e0: *0000000000e40000-0000000000e5ffff 0x0004/0x0004 0x0020000
29016ec.40e0: *0000000000e60000-0000000000e7cfff 0x0002/0x0002 0x0040000
29116ec.40e0: 0000000000e7d000-0000000000e7ffff 0x0001/0x0000 0x0000000
29216ec.40e0: *0000000000e80000-0000000000f7afff 0x0000/0x0004 0x0020000
29316ec.40e0: 0000000000f7b000-0000000000f7dfff 0x0104/0x0004 0x0020000
29416ec.40e0: 0000000000f7e000-0000000000f7ffff 0x0004/0x0004 0x0020000
29516ec.40e0: *0000000000f80000-0000000000f83fff 0x0002/0x0002 0x0040000
29616ec.40e0: 0000000000f84000-0000000000f8ffff 0x0001/0x0000 0x0000000
29716ec.40e0: *0000000000f90000-0000000000f91fff 0x0004/0x0004 0x0020000
29816ec.40e0: 0000000000f92000-0000000000ffffff 0x0001/0x0000 0x0000000
29916ec.40e0: *0000000001000000-0000000001001fff 0x0004/0x0004 0x0020000
30016ec.40e0: 0000000001002000-00000000011fdfff 0x0000/0x0004 0x0020000
30116ec.40e0: 00000000011fe000-00000000011fefff 0x0004/0x0004 0x0020000
30216ec.40e0: 00000000011ff000-00000000011fffff 0x0000/0x0004 0x0020000
30316ec.40e0: 0000000001200000-000000007ffdffff 0x0001/0x0000 0x0000000
30416ec.40e0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
30516ec.40e0: 000000007ffe1000-000000007ffedfff 0x0001/0x0000 0x0000000
30616ec.40e0: *000000007ffee000-000000007ffeefff 0x0002/0x0002 0x0020000
30716ec.40e0: 000000007ffef000-00007ff51116ffff 0x0001/0x0000 0x0000000
30816ec.40e0: *00007ff511170000-00007ff511170fff 0x0002/0x0002 0x0040000
30916ec.40e0: 00007ff511171000-00007ff51117ffff 0x0001/0x0000 0x0000000
31016ec.40e0: *00007ff511180000-00007ff5111a2fff 0x0002/0x0002 0x0040000
31116ec.40e0: 00007ff5111a3000-00007ff6d862ffff 0x0001/0x0000 0x0000000
31216ec.40e0: *00007ff6d8630000-00007ff6d8630fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
31316ec.40e0: 00007ff6d8631000-00007ff6d86a8fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
31416ec.40e0: 00007ff6d86a9000-00007ff6d86a9fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
31516ec.40e0: 00007ff6d86aa000-00007ff6d86f3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
31616ec.40e0: 00007ff6d86f4000-00007ff6d86f4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
31716ec.40e0: 00007ff6d86f5000-00007ff6d86f5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
31816ec.40e0: 00007ff6d86f6000-00007ff6d86fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
31916ec.40e0: 00007ff6d86fb000-00007ff6d86fbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
32016ec.40e0: 00007ff6d86fc000-00007ff6d86fcfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
32116ec.40e0: 00007ff6d86fd000-00007ff6d8700fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
32216ec.40e0: 00007ff6d8701000-00007ff6d8749fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
32316ec.40e0: 00007ff6d874a000-00007ffffa32ffff 0x0001/0x0000 0x0000000
32416ec.40e0: *00007ffffa330000-00007ffffa330fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
32516ec.40e0: 00007ffffa331000-00007ffffa44cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
32616ec.40e0: 00007ffffa44d000-00007ffffa495fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
32716ec.40e0: 00007ffffa496000-00007ffffa4a1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
32816ec.40e0: 00007ffffa4a2000-00007ffffa4b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
32916ec.40e0: 00007ffffa4b1000-00007ffffa4b1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
33016ec.40e0: 00007ffffa4b2000-00007ffffa4b4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
33116ec.40e0: 00007ffffa4b5000-00007ffffa527fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
33216ec.40e0: 00007ffffa528000-00007ffffffeffff 0x0001/0x0000 0x0000000
33316ec.40e0: supR3HardNtChildPurify: Done after 261 ms and 0 fixes (loop #0).
33420cc.2904: Log file opened: 6.1.40r154048 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6500
33520cc.2904: supR3HardenedVmProcessInit: uNtDllAddr=00007ffffa330000 g_uNtVerCombined=0xa04a6500 (stack ~0000000000f7f588)
33620cc.2904: ntdll.dll: timestamp 0xb5ced1c6 (rc=VINF_SUCCESS)
33720cc.2904: New simple heap: #1 0000000001300000 LB 0x400000 (for 2064384 allocation)
33816ec.40e0: supR3HardNtEnableThreadCreationEx:
33920cc.2904: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
34020cc.2904: System32: \Device\HarddiskVolume8\Windows\System32
34120cc.2904: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
34220cc.2904: KnownDllPath: C:\WINDOWS\System32
34320cc.2904: supR3HardenedVmProcessInit: Opening vboxsup stub...
34420cc.2904: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
34520cc.2904: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
34620cc.2904: Registered Dll notification callback with NTDLL.
34720cc.2904: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\kernel32.dll)
34820cc.2904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\kernel32.dll
34920cc.2904: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
35020cc.2904: supR3HardenedDllNotificationCallback: load 00007ffff7e10000 LB 0x002d2000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
35120cc.2904: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\KernelBase.dll)
35220cc.2904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
35320cc.2904: supR3HardenedDllNotificationCallback: load 00007ffff8380000 LB 0x000bf000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
35420cc.2904: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
35520cc.2904: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8380000 'C:\WINDOWS\System32\KERNEL32.DLL'
35620cc.2904: supR3HardenedDllNotificationCallback: load 00007ff6d8630000 LB 0x0011a000 D:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
35720cc.2904: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
35820cc.2904: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
35920cc.2904: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
36020cc.2904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
36120cc.2904: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffffa3a4c10 pvNtTerminateThread=00007ffffa3cdb10
36216ec.40e0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 80 ms.
36320cc.2904: \SystemRoot\System32\ntdll.dll:
36420cc.2904: CreationTime: 2022-10-12T09:29:37.470806700Z
36520cc.2904: LastWriteTime: 2022-10-12T09:29:37.501062700Z
36620cc.2904: ChangeTime: 2022-11-09T08:56:56.308945900Z
36720cc.2904: FileAttributes: 0x20
36820cc.2904: Size: 0x1ef5b8
36920cc.2904: NT Headers: 0xe8
37020cc.2904: Timestamp: 0xb5ced1c6
37120cc.2904: Machine: 0x8664 - amd64
37220cc.2904: Timestamp: 0xb5ced1c6
37320cc.2904: Image Version: 10.0
37420cc.2904: SizeOfImage: 0x1f8000 (2064384)
37520cc.2904: Resource Dir: 0x186000 LB 0x700a0
37620cc.2904: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
37720cc.2904: [Raw version resource data: 0x1860f0 LB 0x380, codepage 0x0 (reserved 0x0)]
37820cc.2904: ProductName: Microsoft® Windows® Operating System
37920cc.2904: ProductVersion: 10.0.19041.2130
38020cc.2904: FileVersion: 10.0.19041.2130 (WinBuild.160101.0800)
38120cc.2904: FileDescription: NT Layer DLL
38220cc.2904: \SystemRoot\System32\kernel32.dll:
38320cc.2904: CreationTime: 2022-11-09T08:56:24.017546400Z
38420cc.2904: LastWriteTime: 2022-11-09T08:56:24.031210200Z
38520cc.2904: ChangeTime: 2022-11-09T16:12:46.008741900Z
38620cc.2904: FileAttributes: 0x20
38720cc.2904: Size: 0xbc890
38820cc.2904: NT Headers: 0xf8
38920cc.2904: Timestamp: 0x73bb7c6b
39020cc.2904: Machine: 0x8664 - amd64
39120cc.2904: Timestamp: 0x73bb7c6b
39220cc.2904: Image Version: 10.0
39320cc.2904: SizeOfImage: 0xbf000 (782336)
39420cc.2904: Resource Dir: 0xbd000 LB 0x520
39520cc.2904: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
39620cc.2904: [Raw version resource data: 0xbd0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
39720cc.2904: ProductName: Microsoft® Windows® Operating System
39820cc.2904: ProductVersion: 10.0.19041.2251
39920cc.2904: FileVersion: 10.0.19041.2251 (WinBuild.160101.0800)
40020cc.2904: FileDescription: Windows NT BASE API Client DLL
40120cc.2904: \SystemRoot\System32\KernelBase.dll:
40220cc.2904: CreationTime: 2022-11-09T08:56:21.651724300Z
40320cc.2904: LastWriteTime: 2022-11-09T08:56:21.706379300Z
40420cc.2904: ChangeTime: 2022-11-09T16:12:50.873731200Z
40520cc.2904: FileAttributes: 0x20
40620cc.2904: Size: 0x2d3ce8
40720cc.2904: NT Headers: 0xf0
40820cc.2904: Timestamp: 0x7f7062e1
40920cc.2904: Machine: 0x8664 - amd64
41020cc.2904: Timestamp: 0x7f7062e1
41120cc.2904: Image Version: 10.0
41220cc.2904: SizeOfImage: 0x2d2000 (2957312)
41320cc.2904: Resource Dir: 0x2a8000 LB 0x548
41420cc.2904: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
41520cc.2904: [Raw version resource data: 0x2a80b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
41620cc.2904: ProductName: Microsoft® Windows® Operating System
41720cc.2904: ProductVersion: 10.0.19041.2193
41820cc.2904: FileVersion: 10.0.19041.2193 (WinBuild.160101.0800)
41920cc.2904: FileDescription: Windows NT BASE API Client DLL
42020cc.2904: \SystemRoot\System32\apisetschema.dll:
42120cc.2904: CreationTime: 2019-12-07T09:08:13.518339400Z
42220cc.2904: LastWriteTime: 2019-12-07T09:08:13.518339400Z
42320cc.2904: ChangeTime: 2022-11-09T08:56:56.230867300Z
42420cc.2904: FileAttributes: 0x20
42520cc.2904: Size: 0x1f538
42620cc.2904: NT Headers: 0xd0
42720cc.2904: Timestamp: 0x31288ce0
42820cc.2904: Machine: 0x8664 - amd64
42920cc.2904: Timestamp: 0x31288ce0
43020cc.2904: Image Version: 10.0
43120cc.2904: SizeOfImage: 0x20000 (131072)
43220cc.2904: Resource Dir: 0x1f000 LB 0x408
43320cc.2904: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
43420cc.2904: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
43520cc.2904: ProductName: Microsoft® Windows® Operating System
43620cc.2904: ProductVersion: 10.0.19041.1
43720cc.2904: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
43820cc.2904: FileDescription: ApiSet Schema DLL
43920cc.2904: supR3HardenedWinFindAdversaries: 0x0
44020cc.2904: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
44120cc.2904: Calling main()
44220cc.2904: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
44320cc.2904: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
44420cc.2904: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
44520cc.2904: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
44620cc.2904: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
44720cc.2904: SUPR3HardenedMain: Respawn #2
44820cc.2904: supR3HardNtEnableThreadCreationEx:
44920cc.2904: supR3HardenedDllNotificationCallback: load 00007ffff8590000 LB 0x00125000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
45020cc.2904: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll)
45120cc.2904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
45220cc.2904: supR3HardenedDllNotificationCallback: load 00007ffff84f0000 LB 0x0009c000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
45320cc.2904: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
45420cc.2904: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\sechost.dll)
45520cc.2904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\sechost.dll
45620cc.2904: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
45720cc.2904: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ntdll.dll)
45820cc.2904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ntdll.dll
45920cc.2904: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
46020cc.2904: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
46120cc.2904: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
46220cc.2904: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
46320cc.2904: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffa330000 'C:\WINDOWS\System32\ntdll.dll'
46420cc.2904: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\apphelp.dll)
46520cc.2904: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\apphelp.dll
46620cc.2904: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\apphelp.dll (rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000000:<flags> [calling]
46720cc.2904: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
46820cc.2904: supR3HardenedDllNotificationCallback: load 00007ffff4e10000 LB 0x00091000 C:\WINDOWS\system32\apphelp.dll [fFlags=0x0]
46920cc.2904: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\apphelp.dll [lacks WinVerifyTrust]
47020cc.2904: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ntdll.dll [lacks WinVerifyTrust]
47120cc.2904: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
47220cc.2904: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffffa330000 'C:\WINDOWS\System32\ntdll.dll'
47320cc.2904: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff4e10000 'C:\WINDOWS\system32\apphelp.dll'
47420cc.2904: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffffa3a4c10 pvNtTerminateThread=00007ffffa3cdb10
47520cc.2904: supR3HardenedWinDoReSpawn(2): New child 3a08.2eb4 [kernel32].
47620cc.2904: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
47720cc.2904: supR3HardNtChildGatherData: PebBaseAddress=00000000011bc000 cbPeb=0x388
47820cc.2904: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffffa330000 uNtDllChildAddr=00007ffffa330000
47920cc.2904: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffffa3a4c10
48020cc.2904: supR3HardenedWinSetupChildInit: Initial context:
481 rax=0000000000000000 rbx=0000000000000000 rcx=00007ff6d8637900 rdx=00000000011bc000
482 rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
483 r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
484 r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
485 rip=00007ffffa382680 rsp=00000000012fff08 rbp=0000000000000000 ctxflags=0010001b
486 cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
487 P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
488 dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
489 dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
490 lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
49120cc.2904: kernel32.dll: timestamp 0x73bb7c6b (rc=VINF_SUCCESS)
49220cc.2904: supR3HardenedWinSetupChildInit: Start child.
49320cc.2904: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
49420cc.2904: supR3HardNtChildPurify: Startup delay kludge #1/0: 263 ms, 17 sleeps
49520cc.2904: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
49620cc.2904: *0000000000000000-0000000000ecffff 0x0001/0x0000 0x0000000
49720cc.2904: *0000000000ed0000-0000000000eeffff 0x0004/0x0004 0x0020000
49820cc.2904: *0000000000ef0000-0000000000f0cfff 0x0002/0x0002 0x0040000
49920cc.2904: 0000000000f0d000-0000000000f0ffff 0x0001/0x0000 0x0000000
50020cc.2904: *0000000000f10000-0000000000f13fff 0x0002/0x0002 0x0040000
50120cc.2904: 0000000000f14000-0000000000f1ffff 0x0001/0x0000 0x0000000
50220cc.2904: *0000000000f20000-0000000000f21fff 0x0004/0x0004 0x0020000
50320cc.2904: 0000000000f22000-0000000000ffffff 0x0001/0x0000 0x0000000
50420cc.2904: *0000000001000000-00000000011bbfff 0x0000/0x0004 0x0020000
50520cc.2904: 00000000011bc000-00000000011befff 0x0004/0x0004 0x0020000
50620cc.2904: 00000000011bf000-00000000011fffff 0x0000/0x0004 0x0020000
50720cc.2904: *0000000001200000-00000000012fafff 0x0000/0x0004 0x0020000
50820cc.2904: 00000000012fb000-00000000012fdfff 0x0104/0x0004 0x0020000
50920cc.2904: 00000000012fe000-00000000012fffff 0x0004/0x0004 0x0020000
51020cc.2904: 0000000001300000-000000007ffdffff 0x0001/0x0000 0x0000000
51120cc.2904: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
51220cc.2904: 000000007ffe1000-000000007ffedfff 0x0001/0x0000 0x0000000
51320cc.2904: *000000007ffee000-000000007ffeefff 0x0002/0x0002 0x0020000
51420cc.2904: 000000007ffef000-00007ff58b10ffff 0x0001/0x0000 0x0000000
51520cc.2904: *00007ff58b110000-00007ff58b110fff 0x0002/0x0002 0x0040000
51620cc.2904: 00007ff58b111000-00007ff58b11ffff 0x0001/0x0000 0x0000000
51720cc.2904: *00007ff58b120000-00007ff58b142fff 0x0002/0x0002 0x0040000
51820cc.2904: 00007ff58b143000-00007ff6d862ffff 0x0001/0x0000 0x0000000
51920cc.2904: *00007ff6d8630000-00007ff6d8630fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52020cc.2904: 00007ff6d8631000-00007ff6d86a8fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52120cc.2904: 00007ff6d86a9000-00007ff6d86a9fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52220cc.2904: 00007ff6d86aa000-00007ff6d86f3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52320cc.2904: 00007ff6d86f4000-00007ff6d86f4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52420cc.2904: 00007ff6d86f5000-00007ff6d86f5fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52520cc.2904: 00007ff6d86f6000-00007ff6d86fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52620cc.2904: 00007ff6d86fb000-00007ff6d86fbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52720cc.2904: 00007ff6d86fc000-00007ff6d86fcfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52820cc.2904: 00007ff6d86fd000-00007ff6d8700fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
52920cc.2904: 00007ff6d8701000-00007ff6d8749fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
53020cc.2904: 00007ff6d874a000-00007ffffa32ffff 0x0001/0x0000 0x0000000
53120cc.2904: *00007ffffa330000-00007ffffa330fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
53220cc.2904: 00007ffffa331000-00007ffffa44cfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
53320cc.2904: 00007ffffa44d000-00007ffffa495fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
53420cc.2904: 00007ffffa496000-00007ffffa4a1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
53520cc.2904: 00007ffffa4a2000-00007ffffa4b0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
53620cc.2904: 00007ffffa4b1000-00007ffffa4b1fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
53720cc.2904: 00007ffffa4b2000-00007ffffa4b4fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
53820cc.2904: 00007ffffa4b5000-00007ffffa527fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
53920cc.2904: 00007ffffa528000-00007ffffffeffff 0x0001/0x0000 0x0000000
54020cc.2904: VirtualBoxVM.exe: timestamp 0x63457348 (rc=VINF_SUCCESS)
54120cc.2904: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
54220cc.2904: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
54320cc.2904: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
54420cc.2904: supR3HardNtChildPurify: Done after 302 ms and 0 fixes (loop #0).
5453a08.2eb4: Log file opened: 6.1.40r154048 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa04a6500
5463a08.2eb4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffffa330000 g_uNtVerCombined=0xa04a6500 (stack ~00000000012ff998)
5473a08.2eb4: ntdll.dll: timestamp 0xb5ced1c6 (rc=VINF_SUCCESS)
54820cc.2904: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001300000 LB 0x400000)
5493a08.2eb4: New simple heap: #1 0000000001400000 LB 0x400000 (for 2064384 allocation)
55020cc.2904: supR3HardNtEnableThreadCreationEx:
5513a08.2eb4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
5523a08.2eb4: System32: \Device\HarddiskVolume8\Windows\System32
5533a08.2eb4: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
5543a08.2eb4: KnownDllPath: C:\WINDOWS\System32
5553a08.2eb4: supR3HardenedVmProcessInit: Opening vboxsup...
5563a08.2eb4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
5573a08.2eb4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
5583a08.2eb4: Registered Dll notification callback with NTDLL.
5593a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\kernel32.dll)
5603a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\kernel32.dll
5613a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
5623a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7e10000 LB 0x002d2000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
5633a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\KernelBase.dll)
5643a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
5653a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff8380000 LB 0x000bf000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
5663a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
5673a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8380000 'C:\WINDOWS\System32\KERNEL32.DLL'
5683a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ff6d8630000 LB 0x0011a000 D:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
5693a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
5703a08.2eb4: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
5713a08.2eb4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
5723a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
5733a08.2eb4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffffa3a4c10 pvNtTerminateThread=00007ffffa3cdb10
57420cc.2904: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 153 ms.
5753a08.2eb4: \SystemRoot\System32\ntdll.dll:
5763a08.2eb4: CreationTime: 2022-10-12T09:29:37.470806700Z
5773a08.2eb4: LastWriteTime: 2022-10-12T09:29:37.501062700Z
5783a08.2eb4: ChangeTime: 2022-11-09T08:56:56.308945900Z
5793a08.2eb4: FileAttributes: 0x20
5803a08.2eb4: Size: 0x1ef5b8
5813a08.2eb4: NT Headers: 0xe8
5823a08.2eb4: Timestamp: 0xb5ced1c6
5833a08.2eb4: Machine: 0x8664 - amd64
5843a08.2eb4: Timestamp: 0xb5ced1c6
5853a08.2eb4: Image Version: 10.0
5863a08.2eb4: SizeOfImage: 0x1f8000 (2064384)
5873a08.2eb4: Resource Dir: 0x186000 LB 0x700a0
5883a08.2eb4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
5893a08.2eb4: [Raw version resource data: 0x1860f0 LB 0x380, codepage 0x0 (reserved 0x0)]
5903a08.2eb4: ProductName: Microsoft® Windows® Operating System
5913a08.2eb4: ProductVersion: 10.0.19041.2130
5923a08.2eb4: FileVersion: 10.0.19041.2130 (WinBuild.160101.0800)
5933a08.2eb4: FileDescription: NT Layer DLL
5943a08.2eb4: \SystemRoot\System32\kernel32.dll:
5953a08.2eb4: CreationTime: 2022-11-09T08:56:24.017546400Z
5963a08.2eb4: LastWriteTime: 2022-11-09T08:56:24.031210200Z
5973a08.2eb4: ChangeTime: 2022-11-09T16:12:46.008741900Z
5983a08.2eb4: FileAttributes: 0x20
5993a08.2eb4: Size: 0xbc890
6003a08.2eb4: NT Headers: 0xf8
6013a08.2eb4: Timestamp: 0x73bb7c6b
6023a08.2eb4: Machine: 0x8664 - amd64
6033a08.2eb4: Timestamp: 0x73bb7c6b
6043a08.2eb4: Image Version: 10.0
6053a08.2eb4: SizeOfImage: 0xbf000 (782336)
6063a08.2eb4: Resource Dir: 0xbd000 LB 0x520
6073a08.2eb4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
6083a08.2eb4: [Raw version resource data: 0xbd0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
6093a08.2eb4: ProductName: Microsoft® Windows® Operating System
6103a08.2eb4: ProductVersion: 10.0.19041.2251
6113a08.2eb4: FileVersion: 10.0.19041.2251 (WinBuild.160101.0800)
6123a08.2eb4: FileDescription: Windows NT BASE API Client DLL
6133a08.2eb4: \SystemRoot\System32\KernelBase.dll:
6143a08.2eb4: CreationTime: 2022-11-09T08:56:21.651724300Z
6153a08.2eb4: LastWriteTime: 2022-11-09T08:56:21.706379300Z
6163a08.2eb4: ChangeTime: 2022-11-09T16:12:50.873731200Z
6173a08.2eb4: FileAttributes: 0x20
6183a08.2eb4: Size: 0x2d3ce8
6193a08.2eb4: NT Headers: 0xf0
6203a08.2eb4: Timestamp: 0x7f7062e1
6213a08.2eb4: Machine: 0x8664 - amd64
6223a08.2eb4: Timestamp: 0x7f7062e1
6233a08.2eb4: Image Version: 10.0
6243a08.2eb4: SizeOfImage: 0x2d2000 (2957312)
6253a08.2eb4: Resource Dir: 0x2a8000 LB 0x548
6263a08.2eb4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
6273a08.2eb4: [Raw version resource data: 0x2a80b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
6283a08.2eb4: ProductName: Microsoft® Windows® Operating System
6293a08.2eb4: ProductVersion: 10.0.19041.2193
6303a08.2eb4: FileVersion: 10.0.19041.2193 (WinBuild.160101.0800)
6313a08.2eb4: FileDescription: Windows NT BASE API Client DLL
6323a08.2eb4: \SystemRoot\System32\apisetschema.dll:
6333a08.2eb4: CreationTime: 2019-12-07T09:08:13.518339400Z
6343a08.2eb4: LastWriteTime: 2019-12-07T09:08:13.518339400Z
6353a08.2eb4: ChangeTime: 2022-11-09T08:56:56.230867300Z
6363a08.2eb4: FileAttributes: 0x20
6373a08.2eb4: Size: 0x1f538
6383a08.2eb4: NT Headers: 0xd0
6393a08.2eb4: Timestamp: 0x31288ce0
6403a08.2eb4: Machine: 0x8664 - amd64
6413a08.2eb4: Timestamp: 0x31288ce0
6423a08.2eb4: Image Version: 10.0
6433a08.2eb4: SizeOfImage: 0x20000 (131072)
6443a08.2eb4: Resource Dir: 0x1f000 LB 0x408
6453a08.2eb4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
6463a08.2eb4: [Raw version resource data: 0x1f060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
6473a08.2eb4: ProductName: Microsoft® Windows® Operating System
6483a08.2eb4: ProductVersion: 10.0.19041.1
6493a08.2eb4: FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
6503a08.2eb4: FileDescription: ApiSet Schema DLL
6513a08.2eb4: supR3HardenedWinFindAdversaries: 0x0
6523a08.2eb4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
6533a08.2eb4: Calling main()
6543a08.2eb4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
6553a08.2eb4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
6563a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
6573a08.2eb4: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
6583a08.2eb4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
6593a08.2eb4: SUPR3HardenedMain: Final process, opening VBoxDrv...
6603a08.2eb4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000001400000 LB 0x400000)
6613a08.2eb4: supR3HardNtEnableThreadCreationEx:
6623a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll: Signature #1/2: info status: 24202
6633a08.2eb4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
6643a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
6653a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6663a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
6673a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff0090000 LB 0x00005000 D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
6683a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
6693a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
6703a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6713a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff0090000 'D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
6723a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
6733a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
6743a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff0090000 'D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
6753a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff0090000 'D:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
6763a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
6773a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
6783a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wintrust.dll)
6793a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wintrust.dll
6803a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
6813a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
6823a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll)
6833a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
6843a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
6853a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
6863a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msvcrt.dll)
6873a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
6883a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
6893a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff8800000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
6903a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
6913a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff8590000 LB 0x00125000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
6923a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
6933a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7b40000 LB 0x0006a000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
6943a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
6953a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7d10000 LB 0x00100000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
6963a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ucrtbase.dll)
6973a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ucrtbase.dll
6983a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff8120000 LB 0x00156000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
6993a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\crypt32.dll)
7003a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\crypt32.dll
7013a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
7023a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
7033a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-synch-l1-2-0'
7043a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
7053a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
7063a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-fibers-l1-1-1'
7073a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
7083a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
7093a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-fibers-l1-1-1'
7103a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
7113a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
7123a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-synch-l1-2-0'
7133a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
7143a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
7153a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-localization-l1-2-1'
7163a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msasn1.dll)
7173a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msasn1.dll
7183a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff75d0000 LB 0x00012000 C:\WINDOWS\SYSTEM32\MSASN1.dll [fFlags=0x0]
7193a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
7203a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7b40000 'C:\WINDOWS\system32\Wintrust.dll'
7213a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\bcrypt.dll)
7223a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\bcrypt.dll
7233a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
7243a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7c50000 LB 0x00027000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
7253a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7263a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7c50000 'C:\WINDOWS\system32\bcrypt.dll'
7273a08.2eb4: bcrypt.dll loaded at 00007ffff7c50000, BCryptOpenAlgorithmProvider at 00007ffff7c551e0, preloading providers:
7283a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll)
7293a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll
7303a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7313a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7c80000 LB 0x00082000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
7323a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
7333a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7c80000 'C:\WINDOWS\system32\bcryptprimitives.dll'
7343a08.2eb4: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000001861940)
7353a08.2eb4: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000001861fd0)
7363a08.2eb4: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=00000000018622f0)
7373a08.2eb4: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000001862610)
7383a08.2eb4: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000001862930)
7393a08.2eb4: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000001862c50)
7403a08.2eb4: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000001862f70)
7413a08.2eb4: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000001863290)
7423a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cryptsp.dll)
7433a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptsp.dll
7443a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7300000 LB 0x00018000 C:\WINDOWS\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
7453a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
7463a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
7473a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rsaenh.dll)
7483a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
7493a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
7503a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
7513a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
7523a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7533a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7543a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff6a30000 LB 0x00034000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
7553a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7563a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
7573a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cryptbase.dll)
7583a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptbase.dll
7593a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7320000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
7603a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
7613a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
7623a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7633a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8380000 'C:\WINDOWS\System32\kernel32.dll'
7643a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
7653a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7663a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7b40000 'C:\WINDOWS\System32\WINTRUST.DLL'
7673a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7683a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
7693a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\CRYPT32.dll'
7703a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff9ca0000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
7713a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\imagehlp.dll)
7723a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\imagehlp.dll
7733a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
7743a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
7753a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
7763a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff84f0000 LB 0x0009c000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
7773a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
7783a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\sechost.dll)
7793a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\sechost.dll
7803a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7813a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
7823a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\gpapi.dll)
7833a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\gpapi.dll
7843a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff62c0000 LB 0x00023000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
7853a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
7863a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\profapi.dll)
7873a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\profapi.dll
7883a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7970000 LB 0x0001f000 C:\WINDOWS\SYSTEM32\profapi.dll [fFlags=0x0]
7893a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\profapi.dll [lacks WinVerifyTrust]
7903a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
7913a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
7923a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cryptnet.dll)
7933a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptnet.dll
7943a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
7953a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume8\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
7963a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
7973a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
7983a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
7993a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8003a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8013a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8023a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8033a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8043a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8053a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8063a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8073a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8083a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8093a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8103a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8113a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffd1e10000 LB 0x00031000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
8123a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8133a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8143a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8153a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8163a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8173a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8183a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8193a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8203a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8213a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8223a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8233a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8243a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8253a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8263a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8273a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8283a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8293a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
8303a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8313a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8323a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8333a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8343a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8353a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8363a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8373a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8383a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8393a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8403a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8413a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\WINDOWS\System32\cryptnet.dll'
8423a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
8433a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd1e10000 'C:\Windows\System32\cryptnet.dll'
8443a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8453a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8463a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
8473a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff8440000 LB 0x000ae000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
8483a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
8493a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
8503a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
8513a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\advapi32.dll)
8523a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\advapi32.dll
8533a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8543a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
8553a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
8563a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8573a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
8583a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume8\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
8593a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\sechost.dll [lacks WinVerifyTrust]
8603a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
8613a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
8623a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
8633a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8643a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
8653a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8663a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8673a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
8683a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
8693a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: New context 00000000018aef60
8703a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
8713a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6D74D0FCB83F607A8F565F61FCB8AC8870582858
8723a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
8733a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8743a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8590000 'C:\WINDOWS\System32\rpcrt4.dll'
8753a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8763a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8773a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
8783a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8793a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8803a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
8813a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0516~31bf3856ad364e35~amd64~~10.0.19041.2130.cat'; file='\SystemRoot\System32\ntdll.dll'
8823a08.2eb4: g_pfnWinVerifyTrust=00007ffff7b41f00
8833a08.2eb4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
8843a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8853a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8863a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
8873a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
8883a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8893a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
8903a08.2eb4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\crypt32.dll'
8913a08.2eb4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
8923a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
8933a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8943a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
8953a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
8963a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
8973a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
8983a08.2eb4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\wintrust.dll'
8993a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9003a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9013a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9023a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9033a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\advapi32.dll'
9043a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9053a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9063a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9073a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptnet.dll'
9083a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9093a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9103a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9113a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\profapi.dll'
9123a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9133a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9143a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9153a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\gpapi.dll'
9163a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9173a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9183a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9193a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\sechost.dll'
9203a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9213a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9223a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9233a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\imagehlp.dll'
9243a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9253a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9263a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9273a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptbase.dll'
9283a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
9293a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9303a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
9313a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9323a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9333a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\rsaenh.dll'
9343a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
9353a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
9363a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9373a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9383a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptsp.dll'
9393a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9403a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9413a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll'
9423a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9433a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9443a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll'
9453a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9463a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9473a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msasn1.dll'
9483a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9493a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9503a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\ucrtbase.dll'
9513a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9523a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9533a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll'
9543a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9553a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9563a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll'
9573a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9583a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9593a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
9603a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9613a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9623a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
9633a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9643a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9653a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\KernelBase.dll'
9663a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
9673a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
9683a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\kernel32.dll'
9693a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\system32\crypt32.dll'
9703a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
9713a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
9723a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
9733a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xbc7b8abac8d2dc00 CN=STATION-TEN
9743a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x858311f603baac00 CN=STATION-TEN
9753a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
9763a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
9773a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
9783a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
9793a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
9803a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
9813a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
9823a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
9833a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
9843a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
9853a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA
9863a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
9873a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
9883a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
9893a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
9903a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
9913a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4
9923a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
9933a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
9943a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
9953a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
9963a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
9973a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xc6536f24d57ae723 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust ECC Certification Authority
9983a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
9993a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xd944bca189a00 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2
10003a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x1591b8ac8dcabd00 C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
10013a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xcb7d2ba3dd0ff900 C=US, ST=Texas, L=Houston, O=SSL Corporation, CN=SSL.com Root Certification Authority RSA
10023a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
10033a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
10043a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
10053a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
10063a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
10073a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
10083a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xd41691e475fb8515 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO ECC Certification Authority
10093a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
10103a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x4ef92ac43a0cd500 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Services Root Certificate Authority - G2
10113a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
10123a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xef62113787ebace5 C=US, O=GeoTrust Inc., OU=(c) 2007 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G2
10133a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
10143a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
10153a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
10163a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
10173a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x4b24f9897ec7e300 C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden EV Root CA
10183a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
10193a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
10203a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x35f812d09650dc00 C=FR, O=Certplus, CN=Class 2 Primary CA
10213a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
10223a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
10233a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
10243a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
10253a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
10263a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xef477acf4ab2d300 C=DE, O=D-Trust GmbH, CN=D-TRUST Root Class 3 CA 2 2009
10273a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
10283a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
10293a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xe87add30c52db600 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Code Signing Root R45
10303a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
10313a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xd407c1f75ec7d700 C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA
10323a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
10333a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
10343a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
10353a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
10363a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
10373a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
10383a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
10393a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
10403a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign
10413a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
10423a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
10433a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
10443a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
10453a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
10463a08.2eb4: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
10473a08.2eb4: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=77
10483a08.2eb4: SUPR3HardenedMain: Load Runtime...
10493a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
10503a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
10513a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
10523a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
10533a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
10543a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
10553a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
10563a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
10573a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
10583a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
10593a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
10603a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
10613a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
10623a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
10633a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ws2_32.dll) WinVerifyTrust
10643a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
10653a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10663a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10673a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
10683a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
10693a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
10703a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
10713a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
10723a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
10733a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
10743a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
10753a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
10763a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
10773a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
10783a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
10793a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10803a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10813a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
10823a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
10833a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
10843a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
10853a08.2eb4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
10863a08.2eb4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)
10873a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
10883a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
10893a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
10903a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
10913a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
10923a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
10933a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
10943a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
10953a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
10963a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
10973a08.2eb4: supR3HardenedDllNotificationCallback: load 0000000058bb0000 LB 0x000d2000 D:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
10983a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
10993a08.2eb4: supR3HardenedDllNotificationCallback: load 00000000585a0000 LB 0x00098000 D:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
11003a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
11013a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff9fa0000 LB 0x0006b000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
11023a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
11033a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffb99a0000 LB 0x005fc000 D:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
11043a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11053a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11063a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11073a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11083a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11093a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11103a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11113a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11123a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11133a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11143a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11153a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11163a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11173a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11183a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11193a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11203a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11213a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11223a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11233a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11243a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11253a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11263a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11273a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11283a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11293a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11303a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11313a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11323a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11333a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11343a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11353a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11363a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11373a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11383a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11393a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11403a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11413a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11423a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11433a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11443a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11453a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11463a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11473a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11483a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11493a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11503a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11513a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11523a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11533a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11543a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11553a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11563a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11573a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11583a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11593a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11603a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11613a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11623a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11633a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11643a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11653a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11663a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11673a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11683a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11693a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11703a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11713a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11723a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11733a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11743a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11753a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11763a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11773a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11783a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11793a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11803a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11813a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11823a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11833a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11843a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
11853a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
11863a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11873a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11883a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11893a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11903a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11913a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11923a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11933a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11943a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11953a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11963a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
11973a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
11983a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
11993a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12003a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12013a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12023a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12033a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12043a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12053a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12063a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12073a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12083a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12093a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12103a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12113a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12123a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12133a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12143a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12153a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12163a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12173a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12183a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12193a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12203a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12213a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12223a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12233a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12243a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12253a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12263a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12273a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12283a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12293a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12303a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12313a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12323a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12333a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12343a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12353a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12363a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12373a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12383a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12393a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12403a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12413a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12423a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12433a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12443a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12453a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12463a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12473a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12483a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12493a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12503a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12513a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12523a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12533a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12543a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12553a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12563a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12573a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12583a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12593a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12603a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12613a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12623a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12633a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12643a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12653a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12663a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
12673a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12683a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12693a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12703a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12713a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12723a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12733a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12743a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12753a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12763a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12773a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12783a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12793a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
12803a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
12813a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb99a0000 'D:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
12823a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
12833a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
12843a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
12853a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll
12863a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
12873a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7b40000 'C:\WINDOWS\system32\Wintrust.dll'
12883a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
12893a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
12903a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
12913a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
12923a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
12933a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
12943a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\system32\crypt32.dll'
12953a08.2eb4: SUPR3HardenedMain: Load TrustedMain...
12963a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
12973a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
12983a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
12993a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
13003a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
13013a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
13023a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
13033a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
13043a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
13053a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
13063a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
13073a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
13083a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
13093a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
13103a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
13113a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
13123a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
13133a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
13143a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
13153a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
13163a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
13173a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
13183a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
13193a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\winmm.dll) WinVerifyTrust
13203a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\winmm.dll
13213a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
13223a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
13233a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
13243a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
13253a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
13263a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
13273a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
13283a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
13293a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
13303a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
13313a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\oleaut32.dll) WinVerifyTrust
13323a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
13333a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
13343a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
13353a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13363a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13373a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
13383a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
13393a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
13403a08.2eb4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
13413a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
13423a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\combase.dll)
13433a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\combase.dll
13443a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
13453a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
13463a08.2eb4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
13473a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll)
13483a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
13493a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13503a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13513a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
13523a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
13533a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'rpcrt4.dll'.
13543a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #49 'gdi32.dll'.
13553a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'user32.dll'.
13563a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'.
13573a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ole32.dll) WinVerifyTrust
13583a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ole32.dll
13593a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13603a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13613a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
13623a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
13633a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll [lacks WinVerifyTrust]
13643a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
13653a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
13663a08.2eb4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
13673a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
13683a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'gdi32.dll'.
13693a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\user32.dll)
13703a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\user32.dll
13713a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13723a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13733a08.2eb4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
13743a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'win32u.dll'.
13753a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\gdi32.dll)
13763a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\gdi32.dll
13773a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
13783a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
13793a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13803a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13813a08.2eb4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
13823a08.2eb4: '\Device\HarddiskVolume8\Windows\System32\win32u.dll' has no imports
13833a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\win32u.dll)
13843a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\win32u.dll
13853a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
13863a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
13873a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
13883a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
13893a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
13903a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [lacks WinVerifyTrust]
13913a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
13923a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
13933a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
13943a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'gdi32.dll'.
13953a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\user32.dll) WinVerifyTrust
13963a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
13973a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
13983a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
13993a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14003a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14013a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14023a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
14033a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
14043a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [lacks WinVerifyTrust]
14053a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
14063a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
14073a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
14083a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
14093a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
14103a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
14113a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
14123a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
14133a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
14143a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
14153a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
14163a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14173a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14183a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14193a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14203a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14213a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
14223a08.2eb4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
14233a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14243a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
14253a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
14263a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
14273a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
14283a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
14293a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
14303a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
14313a08.2eb4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
14323a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
14333a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14343a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14353a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
14363a08.2eb4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
14373a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
14383a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
14393a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
14403a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
14413a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
14423a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
14433a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
14443a08.2eb4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
14453a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
14463a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
14473a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
14483a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
14493a08.2eb4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
14503a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
14513a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
14523a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
14533a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
14543a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
14553a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
14563a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
14573a08.2eb4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
14583a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
14593a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14603a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14613a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14623a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14633a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14643a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
14653a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
14663a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
14673a08.2eb4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
14683a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
14693a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #72 'user32.dll'.
14703a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #74 'gdi32.dll'.
14713a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\shell32.dll)
14723a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\shell32.dll
14733a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14743a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14753a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14763a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
14773a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
14783a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
14793a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14803a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14813a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
14823a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14833a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14843a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
14853a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
14863a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
14873a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
14883a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
14893a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
14903a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
14913a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
14923a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
14933a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
14943a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
14953a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
14963a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
14973a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
14983a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
14993a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15003a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15013a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
15023a08.2eb4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\opengl32.dll'.
15033a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15043a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
15053a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
15063a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
15073a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'glu32.dll'.
15083a08.2eb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\opengl32.dll)
15093a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\opengl32.dll
15103a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
15113a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
15123a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
15133a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15143a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15153a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
15163a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15173a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15183a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
15193a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
15203a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
15213a08.2eb4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
15223a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\mpr.dll)
15233a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\mpr.dll
15243a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
15253a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
15263a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
15273a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15283a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15293a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
15303a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
15313a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
15323a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
15333a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15343a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
15353a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll [lacks WinVerifyTrust]
15363a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15373a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15383a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
15393a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
15403a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
15413a08.2eb4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
15423a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
15433a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
15443a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
15453a08.2eb4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\glu32.dll)
15463a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\glu32.dll
15473a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15483a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15493a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15503a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15513a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15523a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
15533a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
15543a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
15553a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
15563a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15573a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15583a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
15593a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
15603a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
15613a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
15623a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15633a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15643a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
15653a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
15663a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
15673a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
15683a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
15693a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
15703a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
15713a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
15723a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
15733a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
15743a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
15753a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
15763a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
15773a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
15783a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
15793a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
15803a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
15813a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
15823a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
15833a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
15843a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
15853a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
15863a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
15873a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
15883a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
15893a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
15903a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
15913a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
15923a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
15933a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
15943a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
15953a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
15963a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
15973a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
15983a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll [lacks WinVerifyTrust]
15993a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16003a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16013a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
16023a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
16033a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
16043a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
16053a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16063a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16073a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
16083a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
16093a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
16103a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
16113a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
16123a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
16133a08.2eb4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
16143a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16153a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16163a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
16173a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
16183a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
16193a08.2eb4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
16203a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16213a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16223a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
16233a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
16243a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
16253a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
16263a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
16273a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
16283a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
16293a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
16303a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
16313a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
16323a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
16333a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
16343a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
16353a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
16363a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
16373a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
16383a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
16393a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
16403a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
16413a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
16423a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
16433a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
16443a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
16453a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
16463a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
16473a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
16483a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000564 pwszName=\Device\HarddiskVolume8\Windows\System32\opengl32.dll
16493a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
16503a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
16513a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=A2AEE4E25FD9F2277839C356360EC8D4F48E54AB
16523a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
16533a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
16543a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
16553a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
16563a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
16573a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
16583a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
16593a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
16603a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
16613a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
16623a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
16633a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
16643a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
16653a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
16663a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
16673a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
16683a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
16693a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
16703a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
16713a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
16723a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
16733a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
16743a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
16753a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
16763a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
16773a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
16783a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
16793a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
16803a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
16813a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0312~31bf3856ad364e35~amd64~~10.0.19041.2251.cat'; file='\Device\HarddiskVolume8\Windows\System32\opengl32.dll'
16823a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
16833a08.2eb4: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\opengl32.dll'
16843a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
16853a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
16863a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll
16873a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
16883a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
16893a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
16903a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
16913a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
16923a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
16933a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
16943a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
16953a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff80f0000 LB 0x00022000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
16963a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
16973a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7bb0000 LB 0x0009d000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
16983a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
16993a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7a30000 LB 0x0010f000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
17003a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
17013a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'gdi32.dll'.
17023a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
17033a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'win32u.dll'.
17043a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\gdi32full.dll)
17053a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\gdi32full.dll
17063a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff97f0000 LB 0x0002b000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
17073a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
17083a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff9650000 LB 0x0019d000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
17093a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [avoiding WinVerifyTrust]
17103a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff92f0000 LB 0x00354000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
17113a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll [avoiding WinVerifyTrust]
17123a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffd35b0000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
17133a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
17143a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffd37e0000 LB 0x00125000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
17153a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll
17163a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff8a30000 LB 0x00743000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
17173a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
17183a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff9cc0000 LB 0x0012a000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
17193a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
17203a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffdd7e0000 LB 0x0001d000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
17213a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
17223a08.2eb4: supR3HardenedDllNotificationCallback: load 0000000058640000 LB 0x00565000 D:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
17233a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
17243a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffb93a0000 LB 0x005f7000 D:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
17253a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
17263a08.2eb4: supR3HardenedDllNotificationCallback: load 0000000058030000 LB 0x00561000 D:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
17273a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
17283a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff9e70000 LB 0x000cd000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
17293a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
17303a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fff64260000 LB 0x02320000 D:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
17313a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
17323a08.2eb4: supR3HardenedDllNotificationCallback: load 0000000057bd0000 LB 0x00054000 D:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
17333a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
17343a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffe5e00000 LB 0x00027000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
17353a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
17363a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffb8720000 LB 0x001c9000 D:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
17373a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
17383a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
17393a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
17403a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
17413a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
17423a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
17433a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
17443a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
17453a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
17463a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
17473a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
17483a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
17493a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
17503a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
17513a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
17523a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
17533a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
17543a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
17553a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
17563a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
17573a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
17583a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll
17593a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
17603a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
17613a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [redoing WinVerifyTrust]
17623a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
17633a08.2eb4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\win32u.dll
17643a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
17653a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
17663a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [redoing WinVerifyTrust]
17673a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
17683a08.2eb4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\user32.dll
17693a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
17703a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
17713a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
17723a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
17733a08.2eb4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\gdi32.dll
17743a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
17753a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
17763a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
17773a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
17783a08.2eb4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
17793a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
17803a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8380000 'C:\WINDOWS\System32\kernel32.dll'
17813a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
17823a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
17833a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
17843a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
17853a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
17863a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
17873a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
17883a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
17893a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
17903a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
17913a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
17923a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
17933a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
17943a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
17953a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
17963a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
17973a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
17983a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
17993a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
18003a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
18013a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
18023a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
18033a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
18043a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
18053a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
18063a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
18073a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
18083a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
18093a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18103a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18113a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
18123a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
18133a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
18143a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
18153a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
18163a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
18173a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
18183a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
18193a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
18203a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
18213a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
18223a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
18233a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-string-l1-1-0'
18243a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
18253a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
18263a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
18273a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
18283a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
18293a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
18303a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
18313a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
18323a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18333a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18343a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
18353a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
18363a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
18373a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
18383a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
18393a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
18403a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
18413a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
18423a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
18433a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
18443a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
18453a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
18463a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
18473a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
18483a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
18493a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
18503a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
18513a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
18523a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18533a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18543a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
18553a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
18563a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
18573a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
18583a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
18593a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
18603a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
18613a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
18623a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
18633a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
18643a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
18653a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
18663a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-datetime-l1-1-1'
18673a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
18683a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
18693a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
18703a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
18713a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
18723a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
18733a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
18743a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
18753a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18763a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18773a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
18783a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
18793a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
18803a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
18813a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
18823a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
18833a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
18843a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
18853a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
18863a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
18873a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
18883a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
18893a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
18903a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
18913a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
18923a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
18933a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
18943a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
18953a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
18963a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
18973a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
18983a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
18993a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
19003a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
19013a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
19023a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
19033a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
19043a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
19053a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
19063a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
19073a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
19083a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
19093a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-localization-obsolete-l1-2-0'
19103a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
19113a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
19123a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
19133a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
19143a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
19153a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
19163a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
19173a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
19183a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
19193a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
19203a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
19213a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
19223a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
19233a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
19243a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
19253a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
19263a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
19273a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
19283a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
19293a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
19303a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
19313a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
19323a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
19333a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
19343a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
19353a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
19363a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
19373a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
19383a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
19393a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
19403a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
19413a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
19423a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
19433a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
19443a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
19453a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
19463a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
19473a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
19483a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
19493a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
19503a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\imm32.dll'.
19513a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
19523a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
19533a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\imm32.dll)
19543a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\imm32.dll
19553a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
19563a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
19573a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [redoing WinVerifyTrust]
19583a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
19593a08.2eb4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\win32u.dll
19603a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
19613a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
19623a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [redoing WinVerifyTrust]
19633a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
19643a08.2eb4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume8\Windows\System32\user32.dll
19653a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
19663a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff92b0000 LB 0x00032000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
19673a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
19683a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff92b0000 'C:\WINDOWS\system32\IMM32.DLL'
19693a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\imm32.dll'.
19703a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rescheduled]
19713a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
19723a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
19733a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
19743a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
19753a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
19763a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
19773a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
19783a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
19793a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
19803a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
19813a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
19823a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
19833a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
19843a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
19853a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
19863a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
19873a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
19883a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
19893a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
19903a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
19913a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\imm32.dll'.
19923a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rescheduled]
19933a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
19943a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
19953a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
19963a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
19973a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
19983a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
19993a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
20003a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
20013a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20023a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20033a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
20043a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
20053a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
20063a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
20073a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
20083a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
20093a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
20103a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
20113a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
20123a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
20133a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
20143a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
20153a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8440000 'C:\WINDOWS\System32\ADVAPI32.DLL'
20163a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\imm32.dll'.
20173a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rescheduled]
20183a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'.
20193a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll' [rescheduled]
20203a08.2eb4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
20213a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rescheduled]
20223a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
20233a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rescheduled]
20243a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
20253a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rescheduled]
20263a08.2eb4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
20273a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
20283a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
20293a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rescheduled]
20303a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
20313a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rescheduled]
20323a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
20333a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rescheduled]
20343a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
20353a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rescheduled]
20363a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
20373a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rescheduled]
20383a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb8720000 'D:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
20393a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20403a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20413a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\imm32.dll'
20423a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20433a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20443a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\gdi32full.dll'
20453a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000568 pwszName=\Device\HarddiskVolume8\Windows\System32\glu32.dll
20463a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
20473a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
20483a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DE0496B16E55ECF498D60D793C6B353475195082
20493a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20503a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20513a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0312~31bf3856ad364e35~amd64~~10.0.19041.2251.cat'; file='\Device\HarddiskVolume8\Windows\System32\glu32.dll'
20523a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
20533a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll'
20543a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20553a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20563a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll'
20573a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20583a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20593a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll'
20603a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20613a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20623a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
20633a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20643a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20653a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll'
20663a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20673a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20683a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'
20693a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20703a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20713a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\user32.dll'
20723a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20733a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20743a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'
20753a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
20763a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
20773a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\combase.dll'
20783a08.2eb4: SUPR3HardenedMain: Calling TrustedMain (00007fffb87216c0)...
20793a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'combase.dll'.
20803a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'msvcp_win.dll'.
20813a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'wldp.dll'.
20823a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\windows.storage.dll)
20833a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\windows.storage.dll
20843a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20853a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wldp.dll)
20863a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wldp.dll
20873a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7420000 LB 0x00030000 C:\WINDOWS\SYSTEM32\Wldp.dll [fFlags=0x0]
20883a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wldp.dll [avoiding WinVerifyTrust]
20893a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff5af0000 LB 0x00792000 C:\WINDOWS\SYSTEM32\windows.storage.dll [fFlags=0x0]
20903a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\windows.storage.dll [avoiding WinVerifyTrust]
20913a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff88a0000 LB 0x000ad000 C:\WINDOWS\System32\SHCORE.dll [fFlags=0x0]
20923a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
20933a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'combase.dll'.
20943a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\SHCore.dll)
20953a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\SHCore.dll
20963a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff9f40000 LB 0x00055000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
20973a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
20983a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\shlwapi.dll)
20993a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\shlwapi.dll
21003a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21013a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21023a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
21033a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
21043a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
21053a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll
21063a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21073a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21083a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21093a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21103a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldp.dll'...
21113a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldp.dll' -> '\Device\HarddiskVolume8\Windows\System32\wldp.dll' [rcNtRedir=0xc0150008]
21123a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wldp.dll [lacks WinVerifyTrust]
21133a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
21143a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
21153a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
21163a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
21173a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
21183a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll
21193a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
21203a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
21213a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll'
21223a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
21233a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
21243a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\SHCore.dll'
21253a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
21263a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
21273a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\wldp.dll'
21283a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
21293a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
21303a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\windows.storage.dll'
21313a08.2eb4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll: Signature #1/2: info status: 24202
21323a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
21333a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
21343a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
21353a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
21363a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
21373a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
21383a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
21393a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
21403a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
21413a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
21423a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
21433a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
21443a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
21453a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
21463a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
21473a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
21483a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
21493a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
21503a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
21513a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
21523a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
21533a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
21543a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
21553a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
21563a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
21573a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
21583a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
21593a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
21603a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
21613a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
21623a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
21633a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
21643a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
21653a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
21663a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
21673a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
21683a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
21693a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\imm32.dll
21703a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
21713a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
21723a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
21733a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
21743a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
21753a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
21763a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
21773a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21783a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
21793a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffb9270000 LB 0x0012e000 D:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
21803a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
21813a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb9270000 'D:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
21823a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
21833a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
21843a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll)
21853a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll
21863a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff62a0000 LB 0x00012000 C:\WINDOWS\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
21873a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
21883a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
21893a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
21903a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
21913a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
21923a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
21933a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
21943a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
21953a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
21963a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\kernel.appcore.dll'
21973a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000006c4 pwszName=\Device\HarddiskVolume8\Windows\System32\uxtheme.dll
21983a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
21993a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
22003a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EEF1DB9FBCF33E7B78381431C34E992AF5F020DD
22013a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
22023a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
22033a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2251.cat'; file='\Device\HarddiskVolume8\Windows\System32\uxtheme.dll'
22043a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
22053a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22063a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
22073a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
22083a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\uxtheme.dll) WinVerifyTrust
22093a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\uxtheme.dll
22103a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
22113a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
22123a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
22133a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
22143a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22153a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22163a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
22173a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\uxtheme.dll
22183a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff50e0000 LB 0x0009e000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
22193a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\uxtheme.dll
22203a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff50e0000 'C:\WINDOWS\system32\uxtheme.dll'
22213a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9650000 'C:\WINDOWS\system32\user32.dll'
22223a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
22233a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22243a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\shell32.dll'
22253a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
22263a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22273a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff88a0000 'C:\WINDOWS\system32\SHCore.dll'
22283a08.2eb4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
22293a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
22303a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
22313a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22323a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe5e00000 'C:\WINDOWS\system32\winmm.dll'
22333a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\winmm.dll
22343a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22353a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe5e00000 'C:\WINDOWS\system32\winmm.dll'
22363a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
22373a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22383a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\shell32.dll'
22393a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\uxtheme.dll
22403a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22413a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff50e0000 'C:\WINDOWS\system32\uxtheme.dll'
22423a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
22433a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22443a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8440000 'C:\WINDOWS\system32\advapi32.dll'
22453a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
22463a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
22473a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
22483a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\userenv.dll) WinVerifyTrust
22493a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\userenv.dll
22503a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22513a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22523a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22533a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\userenv.dll
22543a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff7930000 LB 0x0002e000 C:\WINDOWS\system32\userenv.dll [fFlags=0x0]
22553a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\userenv.dll
22563a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7930000 'C:\WINDOWS\system32\userenv.dll'
22573a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll
22583a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22593a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8380000 'C:\WINDOWS\System32\kernel32.dll'
22603a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff8750000 LB 0x000af000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
22613a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
22623a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
22633a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\clbcatq.dll)
22643a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\clbcatq.dll
22653a08.307c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
22663a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
22673a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
22683a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
22693a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
22703a08.307c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
22713a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
22723a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
22733a08.307c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\clbcatq.dll'
22743a08.307c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll: Signature #1/2: info status: 24202
22753a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
22763a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
22773a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
22783a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
22793a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
22803a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
22813a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
22823a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
22833a08.307c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
22843a08.307c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
22853a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
22863a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
22873a08.307c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
22883a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
22893a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
22903a08.307c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
22913a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
22923a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
22933a08.307c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
22943a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
22953a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
22963a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
22973a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
22983a08.307c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
22993a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23003a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23013a08.307c: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
23023a08.307c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
23033a08.307c: supR3HardenedDllNotificationCallback: load 00007fffb8db0000 LB 0x003c2000 D:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
23043a08.307c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
23053a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb8db0000 'D:\Program Files\Oracle\VirtualBox\VBoxC.dll'
23063a08.307c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll: Signature #1/2: info status: 24202
23073a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
23083a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
23093a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
23103a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
23113a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
23123a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
23133a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
23143a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
23153a08.307c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
23163a08.307c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
23173a08.307c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
23183a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
23193a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
23203a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23213a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23223a08.307c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
23233a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
23243a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
23253a08.307c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
23263a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
23273a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
23283a08.307c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shlwapi.dll
23293a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
23303a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
23313a08.307c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
23323a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
23333a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
23343a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
23353a08.307c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
23363a08.307c: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
23373a08.307c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
23383a08.307c: supR3HardenedDllNotificationCallback: load 00007fffb9180000 LB 0x000ef000 D:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
23393a08.307c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
23403a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb9180000 'D:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
23413a08.307c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
23423a08.307c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
23433a08.307c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9e70000 'C:\Windows\System32\oleaut32.dll'
23443a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff97f0000 'C:\WINDOWS\system32\gdi32.dll'
23453a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff9180000 LB 0x00115000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
23463a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23473a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
23483a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
23493a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
23503a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'imm32.dll'.
23513a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msctf.dll)
23523a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msctf.dll
23533a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
23543a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume8\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
23553a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\imm32.dll
23563a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
23573a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
23583a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
23593a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
23603a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
23613a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
23623a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
23633a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
23643a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
23653a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
23663a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
23673a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msctf.dll'
23683a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000978 pwszName=\Device\HarddiskVolume8\Windows\System32\DataExchange.dll
23693a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
23703a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
23713a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F602E8855BCD942955FA9DBB13C4E4D44C41A311
23723a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
23733a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
23743a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0510~31bf3856ad364e35~amd64~~10.0.19041.2130.cat'; file='\Device\HarddiskVolume8\Windows\System32\DataExchange.dll'
23753a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
23763a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
23773a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'd3d11.dll'.
23783a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'dcomp.dll'.
23793a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\DataExchange.dll) WinVerifyTrust
23803a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\DataExchange.dll
23813a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
23823a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume8\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
23833a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
23843a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
23853a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
23863a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
23873a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\dcomp.dll) WinVerifyTrust
23883a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\dcomp.dll
23893a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
23903a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume8\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
23913a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
23923a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
23933a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
23943a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
23953a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
23963a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll
23973a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
23983a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
23993a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24003a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'dxgi.dll'.
24013a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'win32u.dll'.
24023a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\d3d11.dll) WinVerifyTrust
24033a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\d3d11.dll
24043a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24053a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24063a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
24073a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
24083a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll
24093a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
24103a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume8\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
24113a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
24123a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
24133a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24143a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
24153a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\dxgi.dll) WinVerifyTrust
24163a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\dxgi.dll
24173a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24183a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24193a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
24203a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
24213a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
24223a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll
24233a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
24243a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
24253a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
24263a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DataExchange.dll
24273a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\d3d11.dll
24283a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dcomp.dll
24293a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dxgi.dll
24303a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff62f0000 LB 0x000f3000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
24313a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dxgi.dll
24323a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff3080000 LB 0x00263000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
24333a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\d3d11.dll
24343a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff3eb0000 LB 0x001e3000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
24353a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\dcomp.dll
24363a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffd4210000 LB 0x0003e000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
24373a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DataExchange.dll
24383a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff97f0000 'C:\WINDOWS\System32\gdi32.dll'
24393a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd4210000 'C:\WINDOWS\system32\dataexchange.dll'
24403a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
24413a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
24423a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'msvcp_win.dll'.
24433a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\twinapi.appcore.dll)
24443a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\twinapi.appcore.dll
24453a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff0e20000 LB 0x00200000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
24463a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
24473a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
24483a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
24493a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
24503a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
24513a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
24523a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll
24533a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
24543a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
24553a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
24563a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
24573a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
24583a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\twinapi.appcore.dll'
24593a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
24603a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
24613a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff88a0000 'C:\WINDOWS\system32\Shcore.dll'
24623a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24633a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'oleaut32.dll'.
24643a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
24653a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coreuicomponents.dll'.
24663a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'coremessaging.dll'.
24673a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll)
24683a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll
24693a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24703a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
24713a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'rpcrt4.dll'.
24723a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #48 'shcore.dll'.
24733a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll)
24743a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll
24753a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
24763a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'ws2_32.dll'.
24773a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll)
24783a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll
24793a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ntmarta.dll)
24803a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ntmarta.dll
24813a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
24823a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
24833a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
24843a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\WinTypes.dll)
24853a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\WinTypes.dll
24863a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff6b50000 LB 0x00033000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
24873a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
24883a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff47f0000 LB 0x000f2000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
24893a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
24903a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff3d50000 LB 0x00154000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
24913a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
24923a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff4490000 LB 0x0035e000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
24933a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
24943a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffee840000 LB 0x000f9000 C:\WINDOWS\SYSTEM32\textinputframework.dll [fFlags=0x0]
24953a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
24963a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
24973a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
24983a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll
24993a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25003a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25013a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
25023a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
25033a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll
25043a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
25053a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
25063a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
25073a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25083a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25093a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
25103a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume8\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
25113a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\SHCore.dll
25123a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25133a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25143a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
25153a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume8\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
25163a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
25173a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25183a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25193a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
25203a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume8\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
25213a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
25223a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
25233a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume8\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
25243a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
25253a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
25263a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
25273a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
25283a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
25293a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
25303a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25313a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25323a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
25333a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
25343a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\WinTypes.dll'
25353a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
25363a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
25373a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\ntmarta.dll'
25383a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
25393a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
25403a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\CoreMessaging.dll'
25413a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
25423a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
25433a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\CoreUIComponents.dll'
25443a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
25453a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
25463a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\TextInputFramework.dll'
25473a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
25483a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25493a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9650000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
25503a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
25513a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25523a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9650000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
25533a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
25543a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25553a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff92f0000 'api-ms-win-core-com-l1-1-0.dll'
25563a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msctf.dll
25573a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
25583a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9180000 'C:\WINDOWS\System32\MSCTF.dll'
25593a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
25603a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
25613a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9cc0000 'C:\WINDOWS\System32\ole32.dll'
25623a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9e70000 'C:\WINDOWS\System32\OLEAUT32.dll'
25633a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ab8 pwszName=\Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll
25643a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
25653a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
25663a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=D5E9B4B8E891F6D9AAF89D119CB8AAE1934ED673
25673a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
25683a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
25693a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.2130.cat'; file='\Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll'
25703a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25713a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25723a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
25733a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
25743a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
25753a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll
25763a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
25773a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
25783a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000acc pwszName=\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
25793a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
25803a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
25813a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B97C1D711C478066C1314800E4F6D26F93811194
25823a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
25833a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
25843a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.2130.cat'; file='\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll'
25853a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
25863a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
25873a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll) WinVerifyTrust
25883a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
25893a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
25903a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
25913a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
25923a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25933a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25943a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
25953a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
25963a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
25973a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll
25983a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
25993a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffe52b0000 LB 0x00090000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [fFlags=0x0]
26003a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
26013a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffddd10000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
26023a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\wbemprox.dll
26033a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
26043a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
26053a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
26063a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffddd10000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
26073a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b2c pwszName=\Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll
26083a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
26093a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
26103a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8CA332CD27CD01F33F85EB4BED516FAA617B555A
26113a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
26123a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
26133a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.2130.cat'; file='\Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll'
26143a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26153a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26163a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
26173a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
26183a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll
26193a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26203a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26213a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26223a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26233a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
26243a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll
26253a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffe1e40000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
26263a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\wbemsvc.dll
26273a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe1e40000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
26283a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
26293a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
26303a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-localization-l1-2-0.dll'
26313a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
26323a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
26333a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
26343a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b34 pwszName=\Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll
26353a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
26363a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
26373a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=184DC69A17259EC62BC6A74793DCE28D7CC5A1AC
26383a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
26393a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
26403a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.19041.2130.cat'; file='\Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll'
26413a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26423a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26433a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
26443a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
26453a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll
26463a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
26473a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume8\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
26483a08.2eb4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbemcomn.dll
26493a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26503a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26513a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
26523a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll
26533a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffe1e60000 LB 0x0010b000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
26543a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wbem\fastprox.dll
26553a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe1e60000 'C:\WINDOWS\system32\wbem\fastprox.dll'
26563a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b58 pwszName=\Device\HarddiskVolume8\Windows\System32\amsi.dll
26573a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 00000000018aef60
26583a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=00000000018aef60
26593a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2C518B943705EDB0D7976047E242B01E7521D4C2
26603a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
26613a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
26623a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05~31bf3856ad364e35~amd64~~10.0.19041.2251.cat'; file='\Device\HarddiskVolume8\Windows\System32\amsi.dll'
26633a08.2eb4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
26643a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
26653a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
26663a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\amsi.dll) WinVerifyTrust
26673a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\amsi.dll
26683a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
26693a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
26703a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
26713a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
26723a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26733a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\amsi.dll
26743a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffdddd0000 LB 0x0001f000 C:\WINDOWS\System32\amsi.dll [fFlags=0x0]
26753a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\amsi.dll
26763a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffdddd0000 'C:\WINDOWS\System32\amsi.dll'
26773a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
26783a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
26793a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
26803a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
26813a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
26823a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpOAV.dll) WinVerifyTrust
26833a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpOAV.dll
26843a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
26853a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
26863a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
26873a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
26883a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
26893a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
26903a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpOav.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
26913a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpOAV.dll
26923a08.2eb4: supR3HardenedDllNotificationCallback: load 00007fffddd50000 LB 0x0007b000 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpOav.dll [fFlags=0x0]
26933a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpOAV.dll
26943a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
26953a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26963a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-synch-l1-2-0'
26973a08.2eb4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
26983a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
26993a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff7e10000 'api-ms-win-core-localization-l1-2-1'
27003a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll
27013a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
27023a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8380000 'C:\WINDOWS\System32\kernel32.dll'
27033a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\version.dll'.
27043a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
27053a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\version.dll)
27063a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\version.dll
27073a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
27083a08.2eb4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
27093a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\version.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
27103a08.2eb4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\version.dll [avoiding WinVerifyTrust]
27113a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff24e0000 LB 0x0000a000 C:\WINDOWS\system32\version.dll [fFlags=0x0]
27123a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\version.dll [avoiding WinVerifyTrust]
27133a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff24e0000 'C:\WINDOWS\system32\version.dll'
27143a08.2eb4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\version.dll'.
27153a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Windows\System32\version.dll' [rescheduled]
27163a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffddd50000 'C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2210.6-0\MpOav.dll'
27173a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
27183a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
27193a08.2eb4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\version.dll'
27203a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8440000 'C:\WINDOWS\System32\ADVAPI32.dll'
27213a08.3f2c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll: Signature #1/2: info status: 24202
27223a08.3f2c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
27233a08.3f2c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
27243a08.3f2c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27253a08.3f2c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
27263a08.3f2c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
27273a08.3f2c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27283a08.3f2c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27293a08.3f2c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27303a08.3f2c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27313a08.3f2c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27323a08.3f2c: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27333a08.3f2c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27343a08.3f2c: supR3HardenedDllNotificationCallback: load 00007fffb83a0000 LB 0x0037e000 D:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
27353a08.3f2c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27363a08.3f2c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb83a0000 'D:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
27373a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9cc0000 'C:\WINDOWS\system32\ole32.dll'
27383a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
27393a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
27403a08.3ce4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll: Signature #1/2: info status: 24202
27413a08.3ce4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
27423a08.3ce4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
27433a08.3ce4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27443a08.3ce4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
27453a08.3ce4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
27463a08.3ce4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
27473a08.3ce4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
27483a08.3ce4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
27493a08.3ce4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
27503a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
27513a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
27523a08.3ce4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll
27533a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27543a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27553a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
27563a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
27573a08.3ce4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
27583a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
27593a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
27603a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27613a08.3ce4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27623a08.3ce4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27633a08.3ce4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
27643a08.3ce4: supR3HardenedDllNotificationCallback: load 00007fffefce0000 LB 0x00010000 D:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
27653a08.3ce4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
27663a08.3ce4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffefce0000 'D:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
27673a08.29cc: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll: Signature #1/2: info status: 24202
27683a08.29cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
27693a08.29cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
27703a08.29cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27713a08.29cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
27723a08.29cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27733a08.29cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
27743a08.29cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
27753a08.29cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
27763a08.29cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
27773a08.29cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
27783a08.29cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
27793a08.29cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
27803a08.29cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
27813a08.29cc: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27823a08.29cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
27833a08.29cc: supR3HardenedDllNotificationCallback: load 00007fffefcd0000 LB 0x0000d000 D:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
27843a08.29cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
27853a08.29cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffefcd0000 'D:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
27863a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
27873a08.29d4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
27883a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\Shell32.dll'
27893a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
27903a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
27913a08.29d4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll: Signature #1/2: info status: 24202
27923a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
27933a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
27943a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
27953a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
27963a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
27973a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
27983a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
27993a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
28003a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
28013a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
28023a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
28033a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
28043a08.29d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
28053a08.29d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
28063a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
28073a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
28083a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
28093a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
28103a08.29d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
28113a08.29d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\IPHLPAPI.DLL
28123a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
28133a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
28143a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
28153a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
28163a08.29d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
28173a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
28183a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
28193a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
28203a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
28213a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
28223a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'rpcrt4.dll'.
28233a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'cfgmgr32.dll'.
28243a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'bcrypt.dll'.
28253a08.29d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\setupapi.dll) WinVerifyTrust
28263a08.29d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\setupapi.dll
28273a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28283a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
28293a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
28303a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
28313a08.29d4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll: Signature #1/2: info status: 24202
28323a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
28333a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
28343a08.29d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll
28353a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
28363a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
28373a08.29d4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'.
28383a08.29d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll)
28393a08.29d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll
28403a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
28413a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
28423a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
28433a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
28443a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
28453a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
28463a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28473a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28483a08.29d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
28493a08.29d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28503a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
28513a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
28523a08.29d4: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll: Signature #1/2: info status: 24202
28533a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28543a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28553a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28563a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28573a08.29d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
28583a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
28593a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
28603a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
28613a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
28623a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
28633a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
28643a08.29d4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
28653a08.29d4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
28663a08.29d4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
28673a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28683a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28693a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
28703a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
28713a08.29d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
28723a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28733a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28743a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
28753a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
28763a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
28773a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume8\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
28783a08.29d4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\setupapi.dll
28793a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
28803a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
28813a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
28823a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
28833a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
28843a08.29d4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
28853a08.29d4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
28863a08.29d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
28873a08.29d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
28883a08.29d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28893a08.29d4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\IPHLPAPI.DLL
28903a08.29d4: supR3HardenedDllNotificationCallback: load 00007ffff8330000 LB 0x0004e000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
28913a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
28923a08.29d4: supR3HardenedDllNotificationCallback: load 00007ffff9820000 LB 0x00468000 C:\WINDOWS\System32\SETUPAPI.dll [fFlags=0x0]
28933a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\setupapi.dll
28943a08.29d4: supR3HardenedDllNotificationCallback: load 00007fffbcba0000 LB 0x00066000 D:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
28953a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
28963a08.29d4: supR3HardenedDllNotificationCallback: load 00007fff68090000 LB 0x0085c000 D:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
28973a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
28983a08.29d4: supR3HardenedDllNotificationCallback: load 00007ffff6e00000 LB 0x0003b000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
28993a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\IPHLPAPI.DLL
29003a08.29d4: supR3HardenedDllNotificationCallback: load 00007fff688f0000 LB 0x00a04000 D:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
29013a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
29023a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff688f0000 'D:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
29033a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
29043a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
29053a08.29d4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll'
29063a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
29073a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
29083a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
29093a08.29d4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29103a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffb8db0000 'D:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
29113a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
29123a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
29133a08.29d4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
29143a08.29d4: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29153a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fff68090000 'D:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
29163a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
29173a08.29d4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
29183a08.416c: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll: Signature #1/2: info status: 24202
29193a08.416c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
29203a08.416c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
29213a08.416c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29223a08.416c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
29233a08.416c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29243a08.416c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
29253a08.416c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
29263a08.416c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29273a08.416c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29283a08.416c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
29293a08.416c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
29303a08.416c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
29313a08.416c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29323a08.416c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29333a08.416c: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29343a08.416c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
29353a08.416c: supR3HardenedDllNotificationCallback: load 00007fffe3510000 LB 0x00014000 D:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
29363a08.416c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
29373a08.416c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3510000 'D:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
29383a08.3894: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll: Signature #1/2: info status: 24202
29393a08.3894: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
29403a08.3894: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
29413a08.3894: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29423a08.3894: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
29433a08.3894: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
29443a08.3894: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
29453a08.3894: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
29463a08.3894: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
29473a08.3894: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29483a08.3894: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29493a08.3894: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
29503a08.3894: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
29513a08.3894: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
29523a08.3894: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
29533a08.3894: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
29543a08.3894: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29553a08.3894: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29563a08.3894: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29573a08.3894: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
29583a08.3894: supR3HardenedDllNotificationCallback: load 00007fffe2460000 LB 0x0000c000 D:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
29593a08.3894: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
29603a08.3894: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe2460000 'D:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
29613a08.2948: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll: Signature #1/2: info status: 24202
29623a08.2948: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff6a30000 'C:\WINDOWS\system32\rsaenh.dll'
29633a08.2948: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8120000 'C:\WINDOWS\System32\crypt32.dll'
29643a08.2948: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
29653a08.2948: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
29663a08.2948: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
29673a08.2948: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
29683a08.2948: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
29693a08.2948: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
29703a08.2948: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
29713a08.2948: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
29723a08.2948: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
29733a08.2948: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
29743a08.2948: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
29753a08.2948: supR3HardenedMonitor_LdrLoadDll: pName=D:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29763a08.2948: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
29773a08.2948: supR3HardenedDllNotificationCallback: load 00007fffdee30000 LB 0x0000d000 D:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
29783a08.2948: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
29793a08.2948: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffdee30000 'D:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
29803a08.3ce4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff9650000 'C:\WINDOWS\system32\User32.dll'
29813a08.2eb4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\thai.dll': 0 (NtPath=\??\C:\WINDOWS\System32\thai.dll; Input=thai.dll; rcNtGetDll=0xc0000135
29823a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\thai.dll'
29833a08.2eb4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\thai.dll': 0 (NtPath=\??\C:\WINDOWS\System32\thai.dll; Input=thai.dll; rcNtGetDll=0xc0000135
29843a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\thai.dll'
29853a08.2eb4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\thai.dll': 0 (NtPath=\??\C:\WINDOWS\System32\thai.dll; Input=thai.dll; rcNtGetDll=0xc0000135
29863a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\thai.dll'
29873a08.2eb4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\thai.dll': 0 (NtPath=\??\C:\WINDOWS\System32\thai.dll; Input=thai.dll; rcNtGetDll=0xc0000135
29883a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\thai.dll'
29893a08.2eb4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\System32\thai.dll': 0 (NtPath=\??\C:\WINDOWS\System32\thai.dll; Input=thai.dll; rcNtGetDll=0xc0000135
29903a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\System32\thai.dll'
29913a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll
29923a08.2eb4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
29933a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\shell32.dll'
29943a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\shell32.dll'
29953a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\shell32.dll'
29963a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\shell32.dll'
29973a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\shell32.dll'
29983a08.2eb4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffff8a30000 'C:\WINDOWS\system32\shell32.dll'
29993a08.2948: supR3HardenedDllNotificationCallback: Unload 00007fffdee30000 LB 0x0000d000 D:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
30003a08.3894: supR3HardenedDllNotificationCallback: Unload 00007fffe2460000 LB 0x0000c000 D:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
30013a08.416c: supR3HardenedDllNotificationCallback: Unload 00007fffe3510000 LB 0x00014000 D:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
30023a08.29cc: supR3HardenedDllNotificationCallback: Unload 00007fffefcd0000 LB 0x0000d000 D:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
30033a08.3ce4: supR3HardenedDllNotificationCallback: Unload 00007fffefce0000 LB 0x00010000 D:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
30043a08.29d4: supR3HardenedDllNotificationCallback: Unload 00007fff688f0000 LB 0x00a04000 D:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [flags=0x0]
30053a08.29d4: supR3HardenedDllNotificationCallback: Unload 00007fffbcba0000 LB 0x00066000 D:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [flags=0x0]
30063a08.29d4: supR3HardenedDllNotificationCallback: Unload 00007fff68090000 LB 0x0085c000 D:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [flags=0x0]
30073a08.29d4: supR3HardenedDllNotificationCallback: Unload 00007ffff9820000 LB 0x00468000 C:\WINDOWS\System32\SETUPAPI.dll [flags=0x0]
30083a08.29d4: supR3HardenedDllNotificationCallback: Unload 00007ffff6e00000 LB 0x0003b000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [flags=0x0]
30093a08.29d4: supR3HardenedDllNotificationCallback: Unload 00007ffff8330000 LB 0x0004e000 C:\WINDOWS\System32\cfgmgr32.dll [flags=0x0]
30103a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007fffe1e40000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [flags=0x0]
30113a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007fffb8db0000 LB 0x003c2000 D:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0]
30123a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007fffd4210000 LB 0x0003e000 C:\WINDOWS\system32\dataexchange.dll [flags=0x0]
30133a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
30143a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
30153a08.2eb4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'win32u.dll'.
30163a08.2eb4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\DXCore.dll)
30173a08.2eb4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\DXCore.dll
30183a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff8330000 LB 0x0004e000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
30193a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cfgmgr32.dll
30203a08.2eb4: supR3HardenedDllNotificationCallback: load 00007ffff2750000 LB 0x0003b000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0]
30213a08.2eb4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
30223a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007ffff3080000 LB 0x00263000 C:\WINDOWS\system32\d3d11.dll [flags=0x0]
30233a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007ffff62f0000 LB 0x000f3000 C:\WINDOWS\system32\dxgi.dll [flags=0x0]
30243a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007ffff3eb0000 LB 0x001e3000 C:\WINDOWS\system32\dcomp.dll [flags=0x0]
30253a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007ffff0e20000 LB 0x00200000 C:\WINDOWS\system32\twinapi.appcore.dll [flags=0x0]
30263a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007fffe1e60000 LB 0x0010b000 C:\WINDOWS\system32\wbem\fastprox.dll [flags=0x0]
30273a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007fffb9180000 LB 0x000ef000 D:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [flags=0x0]
30283a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007fffddd10000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [flags=0x0]
30293a08.2eb4: supR3HardenedDllNotificationCallback: Unload 00007fffe52b0000 LB 0x00090000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [flags=0x0]
30303a08.2eb4: Terminating the normal way: rcExit=0
303120cc.2904: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 295959 ms, the end);
303216ec.40e0: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 296467 ms, the end);

© 2024 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy