48e4.5aec: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000088 g_uNtVe

1. 48e4.5aec: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000088 g_uNtVerCombined=0xa055f000
2. 48e4.5aec: \SystemRoot\System32\ntdll.dll:
3. 48e4.5aec: CreationTime: 2022-07-13T09:48:33.425384000Z
4. 48e4.5aec: LastWriteTime: 2022-07-13T09:48:33.464782100Z
5. 48e4.5aec: ChangeTime: 2022-07-15T09:20:37.898077300Z
6. 48e4.5aec: FileAttributes: 0x20
7. 48e4.5aec: Size: 0x207e08
8. 48e4.5aec: NT Headers: 0xe0
9. 48e4.5aec: Timestamp: 0x5398ab6f
10. 48e4.5aec: Machine: 0x8664 - amd64
11. 48e4.5aec: Timestamp: 0x5398ab6f
12. 48e4.5aec: Image Version: 10.0
13. 48e4.5aec: SizeOfImage: 0x209000 (2134016)
14. 48e4.5aec: Resource Dir: 0x194000 LB 0x73528
15. 48e4.5aec: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16. 48e4.5aec: [Raw version resource data: 0x1940f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17. 48e4.5aec: ProductName: Microsoft® Windows® Operating System
18. 48e4.5aec: ProductVersion: 10.0.22000.778
19. 48e4.5aec: FileVersion: 10.0.22000.778 (WinBuild.160101.0800)
20. 48e4.5aec: FileDescription: NT Layer DLL
21. 48e4.5aec: \SystemRoot\System32\kernel32.dll:
22. 48e4.5aec: CreationTime: 2022-06-16T22:13:47.886924000Z
23. 48e4.5aec: LastWriteTime: 2022-06-16T22:13:47.899916800Z
24. 48e4.5aec: ChangeTime: 2022-07-13T09:49:56.810738300Z
25. 48e4.5aec: FileAttributes: 0x20
26. 48e4.5aec: Size: 0xc0058
27. 48e4.5aec: NT Headers: 0xf8
28. 48e4.5aec: Timestamp: 0xafec8296
29. 48e4.5aec: Machine: 0x8664 - amd64
30. 48e4.5aec: Timestamp: 0xafec8296
31. 48e4.5aec: Image Version: 10.0
32. 48e4.5aec: SizeOfImage: 0xbd000 (774144)
33. 48e4.5aec: Resource Dir: 0xbb000 LB 0x520
34. 48e4.5aec: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35. 48e4.5aec: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36. 48e4.5aec: ProductName: Microsoft® Windows® Operating System
37. 48e4.5aec: ProductVersion: 10.0.22000.708
38. 48e4.5aec: FileVersion: 10.0.22000.708 (WinBuild.160101.0800)
39. 48e4.5aec: FileDescription: Windows NT BASE API Client DLL
40. 48e4.5aec: \SystemRoot\System32\KernelBase.dll:
41. 48e4.5aec: CreationTime: 2022-07-13T09:48:33.970578400Z
42. 48e4.5aec: LastWriteTime: 2022-07-13T09:48:34.072201200Z
43. 48e4.5aec: ChangeTime: 2022-07-15T09:21:13.777271800Z
44. 48e4.5aec: FileAttributes: 0x20
45. 48e4.5aec: Size: 0x380268
46. 48e4.5aec: NT Headers: 0xf8
47. 48e4.5aec: Timestamp: 0x960371d1
48. 48e4.5aec: Machine: 0x8664 - amd64
49. 48e4.5aec: Timestamp: 0x960371d1
50. 48e4.5aec: Image Version: 10.0
51. 48e4.5aec: SizeOfImage: 0x379000 (3641344)
52. 48e4.5aec: Resource Dir: 0x34a000 LB 0x548
53. 48e4.5aec: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54. 48e4.5aec: [Raw version resource data: 0x34a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
55. 48e4.5aec: ProductName: Microsoft® Windows® Operating System
56. 48e4.5aec: ProductVersion: 10.0.22000.795
57. 48e4.5aec: FileVersion: 10.0.22000.795 (WinBuild.160101.0800)
58. 48e4.5aec: FileDescription: Windows NT BASE API Client DLL
59. 48e4.5aec: \SystemRoot\System32\apisetschema.dll:
60. 48e4.5aec: CreationTime: 2021-06-05T12:04:59.928787900Z
61. 48e4.5aec: LastWriteTime: 2021-06-05T12:04:59.928787900Z
62. 48e4.5aec: ChangeTime: 2022-07-13T09:49:56.784497700Z
63. 48e4.5aec: FileAttributes: 0x20
64. 48e4.5aec: Size: 0x24150
65. 48e4.5aec: NT Headers: 0xc8
66. 48e4.5aec: Timestamp: 0x68d1dbaf
67. 48e4.5aec: Machine: 0x8664 - amd64
68. 48e4.5aec: Timestamp: 0x68d1dbaf
69. 48e4.5aec: Image Version: 10.0
70. 48e4.5aec: SizeOfImage: 0x23000 (143360)
71. 48e4.5aec: Resource Dir: 0x22000 LB 0x408
72. 48e4.5aec: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73. 48e4.5aec: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
74. 48e4.5aec: ProductName: Microsoft® Windows® Operating System
75. 48e4.5aec: ProductVersion: 10.0.22000.1
76. 48e4.5aec: FileVersion: 10.0.22000.1 (WinBuild.160101.0800)
77. 48e4.5aec: FileDescription: ApiSet Schema DLL
78. 48e4.5aec: NtOpenDirectoryObject failed on \Driver: 0xc0000022
79. 48e4.5aec: supR3HardenedWinFindAdversaries: 0x20
80. 48e4.5aec: \SystemRoot\System32\drivers\cfwids.sys:
81. 48e4.5aec: CreationTime: 2021-03-02T21:06:14.000000000Z
82. 48e4.5aec: LastWriteTime: 2021-09-28T21:02:42.000000000Z
83. 48e4.5aec: ChangeTime: 2022-02-17T14:13:42.561653600Z
84. 48e4.5aec: FileAttributes: 0x20
85. 48e4.5aec: Size: 0x12400
86. 48e4.5aec: NT Headers: 0xe0
87. 48e4.5aec: Timestamp: 0x6144daa5
88. 48e4.5aec: Machine: 0x8664 - amd64
89. 48e4.5aec: Timestamp: 0x6144daa5
90. 48e4.5aec: Image Version: 10.0
91. 48e4.5aec: SizeOfImage: 0x13000 (77824)
92. 48e4.5aec: Resource Dir: 0x11000 LB 0x550
93. 48e4.5aec: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
94. 48e4.5aec: [Raw version resource data: 0x110a0 LB 0x318, codepage 0x0 (reserved 0x0)]
95. 48e4.5aec: ProductName: SYSCORE
96. 48e4.5aec: ProductVersion: 21.09.0.184
97. 48e4.5aec: FileVersion: SYSCORE.21.09.0.184
98. 48e4.5aec: PrivateBuild: SYSCORE.21.09.0.184
99. 48e4.5aec: FileDescription: McAfee Personal Firewall IDS Plugin
100. 48e4.5aec: \SystemRoot\System32\drivers\mfeavfk.sys:
101. 48e4.5aec: CreationTime: 2021-03-02T21:06:12.000000000Z
102. 48e4.5aec: LastWriteTime: 2021-09-28T21:02:42.000000000Z
103. 48e4.5aec: ChangeTime: 2022-02-17T14:13:42.404177800Z
104. 48e4.5aec: FileAttributes: 0x20
105. 48e4.5aec: Size: 0x5f600
106. 48e4.5aec: NT Headers: 0xf0
107. 48e4.5aec: Timestamp: 0x6144da96
108. 48e4.5aec: Machine: 0x8664 - amd64
109. 48e4.5aec: Timestamp: 0x6144da96
110. 48e4.5aec: Image Version: 10.0
111. 48e4.5aec: SizeOfImage: 0x60000 (393216)
112. 48e4.5aec: Resource Dir: 0x5e000 LB 0x758
113. 48e4.5aec: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
114. 48e4.5aec: [Raw version resource data: 0x5e110 LB 0x334, codepage 0x0 (reserved 0x0)]
115. 48e4.5aec: ProductName: SYSCORE
116. 48e4.5aec: ProductVersion: 21.09.0.184
117. 48e4.5aec: FileVersion: SYSCORE.21.09.0.184
118. 48e4.5aec: PrivateBuild: SYSCORE.21.09.0.184 F15,F16,F19
119. 48e4.5aec: FileDescription: Anti-Virus File System Filter Driver
120. 48e4.5aec: \SystemRoot\System32\drivers\mfefirek.sys:
121. 48e4.5aec: CreationTime: 2021-03-02T21:06:12.000000000Z
122. 48e4.5aec: LastWriteTime: 2021-09-28T21:02:42.000000000Z
123. 48e4.5aec: ChangeTime: 2022-02-17T14:13:42.380174300Z
124. 48e4.5aec: FileAttributes: 0x20
125. 48e4.5aec: Size: 0x80800
126. 48e4.5aec: NT Headers: 0xd8
127. 48e4.5aec: Timestamp: 0x6144daa7
128. 48e4.5aec: Machine: 0x8664 - amd64
129. 48e4.5aec: Timestamp: 0x6144daa7
130. 48e4.5aec: Image Version: 10.0
131. 48e4.5aec: SizeOfImage: 0x82000 (532480)
132. 48e4.5aec: Resource Dir: 0x80000 LB 0x388
133. 48e4.5aec: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
134. 48e4.5aec: [Raw version resource data: 0x80060 LB 0x328, codepage 0x0 (reserved 0x0)]
135. 48e4.5aec: ProductName: SYSCORE
136. 48e4.5aec: ProductVersion: 21.09.0.184
137. 48e4.5aec: FileVersion: SYSCORE.21.09.0.184
138. 48e4.5aec: PrivateBuild: SYSCORE.21.09.0.184 F17,F18
139. 48e4.5aec: FileDescription: McAfee Core Firewall Engine Driver
140. 48e4.5aec: \SystemRoot\System32\drivers\mfehidk.sys:
141. 48e4.5aec: CreationTime: 2021-03-02T21:06:14.000000000Z
142. 48e4.5aec: LastWriteTime: 2021-09-28T21:02:40.000000000Z
143. 48e4.5aec: ChangeTime: 2022-02-17T14:13:42.033393300Z
144. 48e4.5aec: FileAttributes: 0x20
145. 48e4.5aec: Size: 0x109c00
146. 48e4.5aec: NT Headers: 0x100
147. 48e4.5aec: Timestamp: 0x6144db21
148. 48e4.5aec: Machine: 0x8664 - amd64
149. 48e4.5aec: Timestamp: 0x6144db21
150. 48e4.5aec: Image Version: 10.0
151. 48e4.5aec: SizeOfImage: 0x115000 (1134592)
152. 48e4.5aec: Resource Dir: 0x112000 LB 0x780
153. 48e4.5aec: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
154. 48e4.5aec: [Raw version resource data: 0x112110 LB 0x320, codepage 0x0 (reserved 0x0)]
155. 48e4.5aec: ProductName: SYSCORE
156. 48e4.5aec: ProductVersion: 21.09.0.184
157. 48e4.5aec: FileVersion: SYSCORE.21.09.0.184
158. 48e4.5aec: PrivateBuild: SYSCORE.21.09.0.184 F14,F15,F16,F18,F20
159. 48e4.5aec: FileDescription: McAfee Link Driver
160. 48e4.5aec: \SystemRoot\System32\drivers\mfencbdc.sys:
161. 48e4.5aec: CreationTime: 2021-09-16T08:52:14.000000000Z
162. 48e4.5aec: LastWriteTime: 2021-09-16T08:52:14.000000000Z
163. 48e4.5aec: ChangeTime: 2022-02-17T14:15:27.567390100Z
164. 48e4.5aec: FileAttributes: 0x20
165. 48e4.5aec: Size: 0x9be00
166. 48e4.5aec: NT Headers: 0xe0
167. 48e4.5aec: Timestamp: 0x61403be3
168. 48e4.5aec: Machine: 0x8664 - amd64
169. 48e4.5aec: Timestamp: 0x61403be3
170. 48e4.5aec: Image Version: 10.0
171. 48e4.5aec: SizeOfImage: 0xad000 (708608)
172. 48e4.5aec: Resource Dir: 0xab000 LB 0x3d0
173. 48e4.5aec: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
174. 48e4.5aec: [Raw version resource data: 0xab060 LB 0x370, codepage 0x0 (reserved 0x0)]
175. 48e4.5aec: ProductName: Anti-Malware Core
176. 48e4.5aec: ProductVersion: 21.9.0
177. 48e4.5aec: FileVersion: Anti-Malware Core.21.9.0.327
178. 48e4.5aec: PrivateBuild: Anti-Malware Core.21.9.0.327
179. 48e4.5aec: FileDescription: Event Driver
180. 48e4.5aec: \SystemRoot\System32\drivers\mfewfpk.sys:
181. 48e4.5aec: CreationTime: 2021-03-02T21:06:12.000000000Z
182. 48e4.5aec: LastWriteTime: 2021-09-28T21:02:42.000000000Z
183. 48e4.5aec: ChangeTime: 2022-02-17T14:13:40.787639300Z
184. 48e4.5aec: FileAttributes: 0x20
185. 48e4.5aec: Size: 0x3ea00
186. 48e4.5aec: NT Headers: 0xe0
187. 48e4.5aec: Timestamp: 0x6144da96
188. 48e4.5aec: Machine: 0x8664 - amd64
189. 48e4.5aec: Timestamp: 0x6144da96
190. 48e4.5aec: Image Version: 10.0
191. 48e4.5aec: SizeOfImage: 0x5a000 (368640)
192. 48e4.5aec: Resource Dir: 0x58000 LB 0x380
193. 48e4.5aec: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
194. 48e4.5aec: [Raw version resource data: 0x58060 LB 0x320, codepage 0x0 (reserved 0x0)]
195. 48e4.5aec: ProductName: SYSCORE
196. 48e4.5aec: ProductVersion: 21.09.0.184
197. 48e4.5aec: FileVersion: SYSCORE.21.09.0.184
198. 48e4.5aec: PrivateBuild: SYSCORE.21.09.0.184 F17,F18
199. 48e4.5aec: FileDescription: Anti-Virus Mini-Firewall Driver
200. 48e4.5aec: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
201. 48e4.5aec: Calling main()
202. 48e4.5aec: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
203. 48e4.5aec: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
204. 48e4.5aec: SUPR3HardenedMain: Respawn #1
205. 48e4.5aec: System32: \Device\HarddiskVolume3\Windows\System32
206. 48e4.5aec: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
207. 48e4.5aec: KnownDllPath: C:\Windows\System32
208. 48e4.5aec: supR3HardenedWinInit: Performing a limited self purification...
209. 48e4.5aec: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
210. 48e4.5aec: *0000000000000000-0000000000c0ffff 0x0001/0x0000 0x0000000
211. 48e4.5aec: *0000000000c10000-0000000000c10fff 0x0002/0x0002 0x0040000
212. 48e4.5aec: 0000000000c11000-0000000000c1ffff 0x0001/0x0000 0x0000000
213. 48e4.5aec: *0000000000c20000-0000000000c20fff 0x0002/0x0002 0x0040000
214. 48e4.5aec: 0000000000c21000-0000000000c2ffff 0x0001/0x0000 0x0000000
215. 48e4.5aec: *0000000000c30000-0000000000c4efff 0x0002/0x0002 0x0040000
216. 48e4.5aec: 0000000000c4f000-0000000000c4ffff 0x0001/0x0000 0x0000000
217. 48e4.5aec: *0000000000c50000-0000000000d00fff 0x0000/0x0004 0x0020000
218. 48e4.5aec: 0000000000d01000-0000000000d03fff 0x0104/0x0004 0x0020000
219. 48e4.5aec: 0000000000d04000-0000000000d4ffff 0x0004/0x0004 0x0020000
220. 48e4.5aec: *0000000000d50000-0000000000d53fff 0x0002/0x0002 0x0040000
221. 48e4.5aec: 0000000000d54000-0000000000d5ffff 0x0001/0x0000 0x0000000
222. 48e4.5aec: *0000000000d60000-0000000000d61fff 0x0004/0x0004 0x0020000
223. 48e4.5aec: 0000000000d62000-0000000000d6ffff 0x0001/0x0000 0x0000000
224. 48e4.5aec: *0000000000d70000-0000000000d80fff 0x0002/0x0002 0x0040000
225. 48e4.5aec: 0000000000d81000-0000000000d8ffff 0x0001/0x0000 0x0000000
226. 48e4.5aec: *0000000000d90000-0000000000da0fff 0x0002/0x0002 0x0040000
227. 48e4.5aec: 0000000000da1000-0000000000daffff 0x0001/0x0000 0x0000000
228. 48e4.5aec: *0000000000db0000-0000000000db2fff 0x0002/0x0002 0x0040000
229. 48e4.5aec: 0000000000db3000-0000000000dbffff 0x0001/0x0000 0x0000000
230. 48e4.5aec: *0000000000dc0000-0000000000dc0fff 0x0004/0x0004 0x0020000
231. 48e4.5aec: 0000000000dc1000-0000000000df1fff 0x0000/0x0004 0x0020000
232. 48e4.5aec: 0000000000df2000-0000000000dfffff 0x0001/0x0000 0x0000000
233. 48e4.5aec: *0000000000e00000-0000000000ef4fff 0x0000/0x0004 0x0020000
234. 48e4.5aec: 0000000000ef5000-0000000000ef7fff 0x0004/0x0004 0x0020000
235. 48e4.5aec: 0000000000ef8000-0000000000ffffff 0x0000/0x0004 0x0020000
236. 48e4.5aec: *0000000001000000-0000000001000fff 0x0002/0x0002 0x0040000
237. 48e4.5aec: 0000000001001000-000000000100ffff 0x0001/0x0000 0x0000000
238. 48e4.5aec: *0000000001010000-000000000101ffff 0x0004/0x0004 0x0040000
239. 48e4.5aec: *0000000001020000-0000000001022fff 0x0002/0x0002 0x0040000
240. 48e4.5aec: 0000000001023000-000000000102ffff 0x0001/0x0000 0x0000000
241. 48e4.5aec: *0000000001030000-0000000001040fff 0x0002/0x0002 0x0040000
242. 48e4.5aec: 0000000001041000-000000000105ffff 0x0001/0x0000 0x0000000
243. 48e4.5aec: *0000000001060000-0000000001069fff 0x0004/0x0004 0x0020000
244. 48e4.5aec: 000000000106a000-000000000115ffff 0x0000/0x0004 0x0020000
245. 48e4.5aec: *0000000001160000-000000000122dfff 0x0002/0x0002 0x0040000
246. 48e4.5aec: 000000000122e000-000000000122ffff 0x0001/0x0000 0x0000000
247. 48e4.5aec: *0000000001230000-0000000001240fff 0x0002/0x0002 0x0040000
248. 48e4.5aec: 0000000001241000-000000000124ffff 0x0001/0x0000 0x0000000
249. 48e4.5aec: *0000000001250000-0000000001251fff 0x0004/0x0004 0x0020000
250. 48e4.5aec: 0000000001252000-0000000001281fff 0x0000/0x0004 0x0020000
251. 48e4.5aec: 0000000001282000-000000000128ffff 0x0001/0x0000 0x0000000
252. 48e4.5aec: *0000000001290000-00000000012b6fff 0x0004/0x0004 0x0020000
253. 48e4.5aec: 00000000012b7000-000000000138ffff 0x0000/0x0004 0x0020000
254. 48e4.5aec: 0000000001390000-00000000013bffff 0x0001/0x0000 0x0000000
255. 48e4.5aec: *00000000013c0000-00000000013cefff 0x0004/0x0004 0x0020000
256. 48e4.5aec: 00000000013cf000-00000000013cffff 0x0000/0x0004 0x0020000
257. 48e4.5aec: *00000000013d0000-00000000015d9fff 0x0004/0x0004 0x0020000
258. 48e4.5aec: 00000000015da000-00000000015dafff 0x0000/0x0004 0x0020000
259. 48e4.5aec: 00000000015db000-000000007ffdffff 0x0001/0x0000 0x0000000
260. 48e4.5aec: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
261. 48e4.5aec: *000000007ffe1000-000000007ffe1fff 0x0002/0x0002 0x0020000
262. 48e4.5aec: 000000007ffe2000-00007ff4d529ffff 0x0001/0x0000 0x0000000
263. 48e4.5aec: *00007ff4d52a0000-00007ff4d52a4fff 0x0002/0x0002 0x0040000
264. 48e4.5aec: 00007ff4d52a5000-00007ff4d539ffff 0x0000/0x0002 0x0040000
265. 48e4.5aec: *00007ff4d53a0000-00007ff5d53bffff 0x0000/0x0004 0x0020000
266. 48e4.5aec: *00007ff5d53c0000-00007ff5d73bffff 0x0000/0x0004 0x0020000
267. 48e4.5aec: 00007ff5d73c0000-00007ff5d73c0fff 0x0004/0x0004 0x0020000
268. 48e4.5aec: 00007ff5d73c1000-00007ff5d73cffff 0x0001/0x0000 0x0000000
269. 48e4.5aec: *00007ff5d73d0000-00007ff5d73d0fff 0x0002/0x0002 0x0040000
270. 48e4.5aec: 00007ff5d73d1000-00007ff75562ffff 0x0001/0x0000 0x0000000
271. 48e4.5aec: *00007ff755630000-00007ff755630fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
272. 48e4.5aec: 00007ff755631000-00007ff7556a7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
273. 48e4.5aec: 00007ff7556a8000-00007ff7556a8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
274. 48e4.5aec: 00007ff7556a9000-00007ff7556f1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
275. 48e4.5aec: 00007ff7556f2000-00007ff7556f4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
276. 48e4.5aec: 00007ff7556f5000-00007ff7556f7fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
277. 48e4.5aec: 00007ff7556f8000-00007ff7556fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
278. 48e4.5aec: 00007ff7556fb000-00007ff7556fbfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
279. 48e4.5aec: 00007ff7556fc000-00007ff7556fdfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
280. 48e4.5aec: 00007ff7556fe000-00007ff7556fefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
281. 48e4.5aec: 00007ff7556ff000-00007ff755747fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
282. 48e4.5aec: 00007ff755748000-00007ffab699ffff 0x0001/0x0000 0x0000000
283. 48e4.5aec: *00007ffab69a0000-00007ffab69a0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
284. 48e4.5aec: 00007ffab69a1000-00007ffab6b19fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
285. 48e4.5aec: 00007ffab6b1a000-00007ffab6ccbfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
286. 48e4.5aec: 00007ffab6ccc000-00007ffab6cd0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
287. 48e4.5aec: 00007ffab6cd1000-00007ffab6d18fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
288. 48e4.5aec: 00007ffab6d19000-00007ffab787ffff 0x0001/0x0000 0x0000000
289. 48e4.5aec: *00007ffab7880000-00007ffab7880fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
290. 48e4.5aec: 00007ffab7881000-00007ffab78fdfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
291. 48e4.5aec: 00007ffab78fe000-00007ffab7931fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
292. 48e4.5aec: 00007ffab7932000-00007ffab7932fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
293. 48e4.5aec: 00007ffab7933000-00007ffab7933fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
294. 48e4.5aec: 00007ffab7934000-00007ffab793cfff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\kernel32.dll
295. 48e4.5aec: 00007ffab793d000-00007ffab925ffff 0x0001/0x0000 0x0000000
296. 48e4.5aec: *00007ffab9260000-00007ffab9260fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
297. 48e4.5aec: 00007ffab9261000-00007ffab938bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
298. 48e4.5aec: 00007ffab938c000-00007ffab93d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
299. 48e4.5aec: 00007ffab93d4000-00007ffab93d4fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
300. 48e4.5aec: 00007ffab93d5000-00007ffab93d6fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
301. 48e4.5aec: 00007ffab93d7000-00007ffab93dffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
302. 48e4.5aec: 00007ffab93e0000-00007ffab9468fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
303. 48e4.5aec: 00007ffab9469000-00007ffffffeffff 0x0001/0x0000 0x0000000
304. 48e4.5aec: kernel32.dll: timestamp 0xafec8296 (rc=VINF_SUCCESS)
305. 48e4.5aec: kernelbase.dll: timestamp 0x960371d1 (rc=VINF_SUCCESS)
306. 48e4.5aec: VirtualBoxVM.exe: timestamp 0x623a5dfe (rc=VINF_SUCCESS)
307. 48e4.5aec: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
308. 48e4.5aec: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
309. 48e4.5aec: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
310. 48e4.5aec: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
311. 48e4.5aec: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
312. 48e4.5aec: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
313. 48e4.5aec: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
314. 48e4.5aec: supR3HardNtEnableThreadCreationEx:
315. 48e4.5aec: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffab92daf50 pvNtTerminateThread=00007ffab9304960
316. 48e4.5aec: supR3HardenedWinDoReSpawn(1): New child 5f00.18e0 [kernel32].
317. 48e4.5aec: supR3HardNtChildGatherData: PebBaseAddress=00000000009ad000 cbPeb=0x388
318. 48e4.5aec: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffab9260000 uNtDllChildAddr=00007ffab9260000
319. 48e4.5aec: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffab92daf50
320. 48e4.5aec: supR3HardenedWinSetupChildInit: Initial context:
321. rax=0000000000000000 rbx=0000000000000000 rcx=00007ff755637900 rdx=00000000009ad000
322. rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
323. r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
324. r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
325. rip=00007ffab9264830 rsp=00000000007ffd18 rbp=0000000000000000 ctxflags=0010001b
326. cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
327. P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
328. dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
329. dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
330. lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
331. 48e4.5aec: supR3HardenedWinSetupChildInit: Start child.
332. 48e4.5aec: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
333. 48e4.5aec: supR3HardNtChildPurify: Startup delay kludge #1/0: 523 ms, 33 sleeps
334. 48e4.5aec: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
335. 48e4.5aec: *0000000000000000-00000000006bffff 0x0001/0x0000 0x0000000
336. 48e4.5aec: *00000000006c0000-00000000006dffff 0x0004/0x0004 0x0020000
337. 48e4.5aec: *00000000006e0000-00000000006fefff 0x0002/0x0002 0x0040000
338. 48e4.5aec: 00000000006ff000-00000000006fffff 0x0001/0x0000 0x0000000
339. 48e4.5aec: *0000000000700000-00000000007fafff 0x0000/0x0004 0x0020000
340. 48e4.5aec: 00000000007fb000-00000000007fdfff 0x0104/0x0004 0x0020000
341. 48e4.5aec: 00000000007fe000-00000000007fffff 0x0004/0x0004 0x0020000
342. 48e4.5aec: *0000000000800000-00000000009acfff 0x0000/0x0004 0x0020000
343. 48e4.5aec: 00000000009ad000-00000000009affff 0x0004/0x0004 0x0020000
344. 48e4.5aec: 00000000009b0000-00000000009fffff 0x0000/0x0004 0x0020000
345. 48e4.5aec: *0000000000a00000-0000000000a03fff 0x0002/0x0002 0x0040000
346. 48e4.5aec: 0000000000a04000-0000000000a0ffff 0x0001/0x0000 0x0000000
347. 48e4.5aec: *0000000000a10000-0000000000a11fff 0x0004/0x0004 0x0020000
348. 48e4.5aec: 0000000000a12000-000000007ffdffff 0x0001/0x0000 0x0000000
349. 48e4.5aec: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
350. 48e4.5aec: *000000007ffe1000-000000007ffe1fff 0x0002/0x0002 0x0020000
351. 48e4.5aec: 000000007ffe2000-00007ff55ce0ffff 0x0001/0x0000 0x0000000
352. 48e4.5aec: *00007ff55ce10000-00007ff55ce10fff 0x0002/0x0002 0x0040000
353. 48e4.5aec: 00007ff55ce11000-00007ff75562ffff 0x0001/0x0000 0x0000000
354. 48e4.5aec: *00007ff755630000-00007ff755630fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
355. 48e4.5aec: 00007ff755631000-00007ff7556a7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
356. 48e4.5aec: 00007ff7556a8000-00007ff7556a8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
357. 48e4.5aec: 00007ff7556a9000-00007ff7556f1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
358. 48e4.5aec: 00007ff7556f2000-00007ff7556f2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
359. 48e4.5aec: 00007ff7556f3000-00007ff7556f3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
360. 48e4.5aec: 00007ff7556f4000-00007ff7556f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
361. 48e4.5aec: 00007ff7556f9000-00007ff7556f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
362. 48e4.5aec: 00007ff7556fa000-00007ff7556fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
363. 48e4.5aec: 00007ff7556fb000-00007ff7556fefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
364. 48e4.5aec: 00007ff7556ff000-00007ff755747fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
365. 48e4.5aec: 00007ff755748000-00007ffab925ffff 0x0001/0x0000 0x0000000
366. 48e4.5aec: *00007ffab9260000-00007ffab9260fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
367. 48e4.5aec: 00007ffab9261000-00007ffab938bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
368. 48e4.5aec: 00007ffab938c000-00007ffab93d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
369. 48e4.5aec: 00007ffab93d4000-00007ffab93dffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
370. 48e4.5aec: 00007ffab93e0000-00007ffab93eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
371. 48e4.5aec: 00007ffab93ef000-00007ffab93effff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
372. 48e4.5aec: 00007ffab93f0000-00007ffab93f2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
373. 48e4.5aec: 00007ffab93f3000-00007ffab9468fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
374. 48e4.5aec: 00007ffab9469000-00007ffffffeffff 0x0001/0x0000 0x0000000
375. 48e4.5aec: supR3HardNtChildPurify: Done after 527 ms and 0 fixes (loop #0).
376. 5f00.18e0: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa055f000
377. 5f00.18e0: supR3HardenedVmProcessInit: uNtDllAddr=00007ffab9260000 g_uNtVerCombined=0xa055f000 (stack ~00000000007ff798)
378. 5f00.18e0: ntdll.dll: timestamp 0x5398ab6f (rc=VINF_SUCCESS)
379. 5f00.18e0: New simple heap: #1 0000000000b20000 LB 0x800000 (for 2134016 allocation)
380. 48e4.5aec: supR3HardNtEnableThreadCreationEx:
381. 5f00.18e0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
382. 5f00.18e0: System32: \Device\HarddiskVolume3\Windows\System32
383. 5f00.18e0: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
384. 5f00.18e0: KnownDllPath: C:\Windows\System32
385. 5f00.18e0: supR3HardenedVmProcessInit: Opening vboxdrv stub...
386. 5f00.18e0: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
387. 5f00.18e0: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
388. 5f00.18e0: Registered Dll notification callback with NTDLL.
389. 5f00.18e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
390. 5f00.18e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
391. 5f00.18e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
392. 5f00.18e0: supR3HardenedDllNotificationCallback: load 00007ffab69a0000 LB 0x00379000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
393. 5f00.18e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
394. 5f00.18e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
395. 5f00.18e0: supR3HardenedDllNotificationCallback: load 00007ffab7880000 LB 0x000bd000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
396. 5f00.18e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
397. 5f00.18e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\KERNEL32.DLL'
398. 5f00.18e0: supR3HardenedDllNotificationCallback: load 00007ff755630000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
399. 5f00.18e0: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
400. 5f00.18e0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
401. 5f00.18e0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
402. 5f00.18e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
403. 5f00.18e0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffab92daf50 pvNtTerminateThread=00007ffab9304960
404. 48e4.5aec: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 78 ms.
405. 5f00.18e0: \SystemRoot\System32\ntdll.dll:
406. 5f00.18e0: CreationTime: 2022-07-13T09:48:33.425384000Z
407. 5f00.18e0: LastWriteTime: 2022-07-13T09:48:33.464782100Z
408. 5f00.18e0: ChangeTime: 2022-07-15T09:20:37.898077300Z
409. 5f00.18e0: FileAttributes: 0x20
410. 5f00.18e0: Size: 0x207e08
411. 5f00.18e0: NT Headers: 0xe0
412. 5f00.18e0: Timestamp: 0x5398ab6f
413. 5f00.18e0: Machine: 0x8664 - amd64
414. 5f00.18e0: Timestamp: 0x5398ab6f
415. 5f00.18e0: Image Version: 10.0
416. 5f00.18e0: SizeOfImage: 0x209000 (2134016)
417. 5f00.18e0: Resource Dir: 0x194000 LB 0x73528
418. 5f00.18e0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
419. 5f00.18e0: [Raw version resource data: 0x1940f0 LB 0x380, codepage 0x0 (reserved 0x0)]
420. 5f00.18e0: ProductName: Microsoft® Windows® Operating System
421. 5f00.18e0: ProductVersion: 10.0.22000.778
422. 5f00.18e0: FileVersion: 10.0.22000.778 (WinBuild.160101.0800)
423. 5f00.18e0: FileDescription: NT Layer DLL
424. 5f00.18e0: \SystemRoot\System32\kernel32.dll:
425. 5f00.18e0: CreationTime: 2022-06-16T22:13:47.886924000Z
426. 5f00.18e0: LastWriteTime: 2022-06-16T22:13:47.899916800Z
427. 5f00.18e0: ChangeTime: 2022-07-13T09:49:56.810738300Z
428. 5f00.18e0: FileAttributes: 0x20
429. 5f00.18e0: Size: 0xc0058
430. 5f00.18e0: NT Headers: 0xf8
431. 5f00.18e0: Timestamp: 0xafec8296
432. 5f00.18e0: Machine: 0x8664 - amd64
433. 5f00.18e0: Timestamp: 0xafec8296
434. 5f00.18e0: Image Version: 10.0
435. 5f00.18e0: SizeOfImage: 0xbd000 (774144)
436. 5f00.18e0: Resource Dir: 0xbb000 LB 0x520
437. 5f00.18e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
438. 5f00.18e0: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
439. 5f00.18e0: ProductName: Microsoft® Windows® Operating System
440. 5f00.18e0: ProductVersion: 10.0.22000.708
441. 5f00.18e0: FileVersion: 10.0.22000.708 (WinBuild.160101.0800)
442. 5f00.18e0: FileDescription: Windows NT BASE API Client DLL
443. 5f00.18e0: \SystemRoot\System32\KernelBase.dll:
444. 5f00.18e0: CreationTime: 2022-07-13T09:48:33.970578400Z
445. 5f00.18e0: LastWriteTime: 2022-07-13T09:48:34.072201200Z
446. 5f00.18e0: ChangeTime: 2022-07-15T09:21:13.777271800Z
447. 5f00.18e0: FileAttributes: 0x20
448. 5f00.18e0: Size: 0x380268
449. 5f00.18e0: NT Headers: 0xf8
450. 5f00.18e0: Timestamp: 0x960371d1
451. 5f00.18e0: Machine: 0x8664 - amd64
452. 5f00.18e0: Timestamp: 0x960371d1
453. 5f00.18e0: Image Version: 10.0
454. 5f00.18e0: SizeOfImage: 0x379000 (3641344)
455. 5f00.18e0: Resource Dir: 0x34a000 LB 0x548
456. 5f00.18e0: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
457. 5f00.18e0: [Raw version resource data: 0x34a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
458. 5f00.18e0: ProductName: Microsoft® Windows® Operating System
459. 5f00.18e0: ProductVersion: 10.0.22000.795
460. 5f00.18e0: FileVersion: 10.0.22000.795 (WinBuild.160101.0800)
461. 5f00.18e0: FileDescription: Windows NT BASE API Client DLL
462. 5f00.18e0: \SystemRoot\System32\apisetschema.dll:
463. 5f00.18e0: CreationTime: 2021-06-05T12:04:59.928787900Z
464. 5f00.18e0: LastWriteTime: 2021-06-05T12:04:59.928787900Z
465. 5f00.18e0: ChangeTime: 2022-07-13T09:49:56.784497700Z
466. 5f00.18e0: FileAttributes: 0x20
467. 5f00.18e0: Size: 0x24150
468. 5f00.18e0: NT Headers: 0xc8
469. 5f00.18e0: Timestamp: 0x68d1dbaf
470. 5f00.18e0: Machine: 0x8664 - amd64
471. 5f00.18e0: Timestamp: 0x68d1dbaf
472. 5f00.18e0: Image Version: 10.0
473. 5f00.18e0: SizeOfImage: 0x23000 (143360)
474. 5f00.18e0: Resource Dir: 0x22000 LB 0x408
475. 5f00.18e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
476. 5f00.18e0: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
477. 5f00.18e0: ProductName: Microsoft® Windows® Operating System
478. 5f00.18e0: ProductVersion: 10.0.22000.1
479. 5f00.18e0: FileVersion: 10.0.22000.1 (WinBuild.160101.0800)
480. 5f00.18e0: FileDescription: ApiSet Schema DLL
481. 5f00.18e0: NtOpenDirectoryObject failed on \Driver: 0xc0000022
482. 5f00.18e0: supR3HardenedWinFindAdversaries: 0x20
483. 5f00.18e0: \SystemRoot\System32\drivers\cfwids.sys:
484. 5f00.18e0: CreationTime: 2021-03-02T21:06:14.000000000Z
485. 5f00.18e0: LastWriteTime: 2021-09-28T21:02:42.000000000Z
486. 5f00.18e0: ChangeTime: 2022-02-17T14:13:42.561653600Z
487. 5f00.18e0: FileAttributes: 0x20
488. 5f00.18e0: Size: 0x12400
489. 5f00.18e0: NT Headers: 0xe0
490. 5f00.18e0: Timestamp: 0x6144daa5
491. 5f00.18e0: Machine: 0x8664 - amd64
492. 5f00.18e0: Timestamp: 0x6144daa5
493. 5f00.18e0: Image Version: 10.0
494. 5f00.18e0: SizeOfImage: 0x13000 (77824)
495. 5f00.18e0: Resource Dir: 0x11000 LB 0x550
496. 5f00.18e0: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
497. 5f00.18e0: [Raw version resource data: 0x110a0 LB 0x318, codepage 0x0 (reserved 0x0)]
498. 5f00.18e0: ProductName: SYSCORE
499. 5f00.18e0: ProductVersion: 21.09.0.184
500. 5f00.18e0: FileVersion: SYSCORE.21.09.0.184
501. 5f00.18e0: PrivateBuild: SYSCORE.21.09.0.184
502. 5f00.18e0: FileDescription: McAfee Personal Firewall IDS Plugin
503. 5f00.18e0: \SystemRoot\System32\drivers\mfeavfk.sys:
504. 5f00.18e0: CreationTime: 2021-03-02T21:06:12.000000000Z
505. 5f00.18e0: LastWriteTime: 2021-09-28T21:02:42.000000000Z
506. 5f00.18e0: ChangeTime: 2022-02-17T14:13:42.404177800Z
507. 5f00.18e0: FileAttributes: 0x20
508. 5f00.18e0: Size: 0x5f600
509. 5f00.18e0: NT Headers: 0xf0
510. 5f00.18e0: Timestamp: 0x6144da96
511. 5f00.18e0: Machine: 0x8664 - amd64
512. 5f00.18e0: Timestamp: 0x6144da96
513. 5f00.18e0: Image Version: 10.0
514. 5f00.18e0: SizeOfImage: 0x60000 (393216)
515. 5f00.18e0: Resource Dir: 0x5e000 LB 0x758
516. 5f00.18e0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
517. 5f00.18e0: [Raw version resource data: 0x5e110 LB 0x334, codepage 0x0 (reserved 0x0)]
518. 5f00.18e0: ProductName: SYSCORE
519. 5f00.18e0: ProductVersion: 21.09.0.184
520. 5f00.18e0: FileVersion: SYSCORE.21.09.0.184
521. 5f00.18e0: PrivateBuild: SYSCORE.21.09.0.184 F15,F16,F19
522. 5f00.18e0: FileDescription: Anti-Virus File System Filter Driver
523. 5f00.18e0: \SystemRoot\System32\drivers\mfefirek.sys:
524. 5f00.18e0: CreationTime: 2021-03-02T21:06:12.000000000Z
525. 5f00.18e0: LastWriteTime: 2021-09-28T21:02:42.000000000Z
526. 5f00.18e0: ChangeTime: 2022-02-17T14:13:42.380174300Z
527. 5f00.18e0: FileAttributes: 0x20
528. 5f00.18e0: Size: 0x80800
529. 5f00.18e0: NT Headers: 0xd8
530. 5f00.18e0: Timestamp: 0x6144daa7
531. 5f00.18e0: Machine: 0x8664 - amd64
532. 5f00.18e0: Timestamp: 0x6144daa7
533. 5f00.18e0: Image Version: 10.0
534. 5f00.18e0: SizeOfImage: 0x82000 (532480)
535. 5f00.18e0: Resource Dir: 0x80000 LB 0x388
536. 5f00.18e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
537. 5f00.18e0: [Raw version resource data: 0x80060 LB 0x328, codepage 0x0 (reserved 0x0)]
538. 5f00.18e0: ProductName: SYSCORE
539. 5f00.18e0: ProductVersion: 21.09.0.184
540. 5f00.18e0: FileVersion: SYSCORE.21.09.0.184
541. 5f00.18e0: PrivateBuild: SYSCORE.21.09.0.184 F17,F18
542. 5f00.18e0: FileDescription: McAfee Core Firewall Engine Driver
543. 5f00.18e0: \SystemRoot\System32\drivers\mfehidk.sys:
544. 5f00.18e0: CreationTime: 2021-03-02T21:06:14.000000000Z
545. 5f00.18e0: LastWriteTime: 2021-09-28T21:02:40.000000000Z
546. 5f00.18e0: ChangeTime: 2022-02-17T14:13:42.033393300Z
547. 5f00.18e0: FileAttributes: 0x20
548. 5f00.18e0: Size: 0x109c00
549. 5f00.18e0: NT Headers: 0x100
550. 5f00.18e0: Timestamp: 0x6144db21
551. 5f00.18e0: Machine: 0x8664 - amd64
552. 5f00.18e0: Timestamp: 0x6144db21
553. 5f00.18e0: Image Version: 10.0
554. 5f00.18e0: SizeOfImage: 0x115000 (1134592)
555. 5f00.18e0: Resource Dir: 0x112000 LB 0x780
556. 5f00.18e0: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
557. 5f00.18e0: [Raw version resource data: 0x112110 LB 0x320, codepage 0x0 (reserved 0x0)]
558. 5f00.18e0: ProductName: SYSCORE
559. 5f00.18e0: ProductVersion: 21.09.0.184
560. 5f00.18e0: FileVersion: SYSCORE.21.09.0.184
561. 5f00.18e0: PrivateBuild: SYSCORE.21.09.0.184 F14,F15,F16,F18,F20
562. 5f00.18e0: FileDescription: McAfee Link Driver
563. 5f00.18e0: \SystemRoot\System32\drivers\mfencbdc.sys:
564. 5f00.18e0: CreationTime: 2021-09-16T08:52:14.000000000Z
565. 5f00.18e0: LastWriteTime: 2021-09-16T08:52:14.000000000Z
566. 5f00.18e0: ChangeTime: 2022-02-17T14:15:27.567390100Z
567. 5f00.18e0: FileAttributes: 0x20
568. 5f00.18e0: Size: 0x9be00
569. 5f00.18e0: NT Headers: 0xe0
570. 5f00.18e0: Timestamp: 0x61403be3
571. 5f00.18e0: Machine: 0x8664 - amd64
572. 5f00.18e0: Timestamp: 0x61403be3
573. 5f00.18e0: Image Version: 10.0
574. 5f00.18e0: SizeOfImage: 0xad000 (708608)
575. 5f00.18e0: Resource Dir: 0xab000 LB 0x3d0
576. 5f00.18e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
577. 5f00.18e0: [Raw version resource data: 0xab060 LB 0x370, codepage 0x0 (reserved 0x0)]
578. 5f00.18e0: ProductName: Anti-Malware Core
579. 5f00.18e0: ProductVersion: 21.9.0
580. 5f00.18e0: FileVersion: Anti-Malware Core.21.9.0.327
581. 5f00.18e0: PrivateBuild: Anti-Malware Core.21.9.0.327
582. 5f00.18e0: FileDescription: Event Driver
583. 5f00.18e0: \SystemRoot\System32\drivers\mfewfpk.sys:
584. 5f00.18e0: CreationTime: 2021-03-02T21:06:12.000000000Z
585. 5f00.18e0: LastWriteTime: 2021-09-28T21:02:42.000000000Z
586. 5f00.18e0: ChangeTime: 2022-02-17T14:13:40.787639300Z
587. 5f00.18e0: FileAttributes: 0x20
588. 5f00.18e0: Size: 0x3ea00
589. 5f00.18e0: NT Headers: 0xe0
590. 5f00.18e0: Timestamp: 0x6144da96
591. 5f00.18e0: Machine: 0x8664 - amd64
592. 5f00.18e0: Timestamp: 0x6144da96
593. 5f00.18e0: Image Version: 10.0
594. 5f00.18e0: SizeOfImage: 0x5a000 (368640)
595. 5f00.18e0: Resource Dir: 0x58000 LB 0x380
596. 5f00.18e0: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
597. 5f00.18e0: [Raw version resource data: 0x58060 LB 0x320, codepage 0x0 (reserved 0x0)]
598. 5f00.18e0: ProductName: SYSCORE
599. 5f00.18e0: ProductVersion: 21.09.0.184
600. 5f00.18e0: FileVersion: SYSCORE.21.09.0.184
601. 5f00.18e0: PrivateBuild: SYSCORE.21.09.0.184 F17,F18
602. 5f00.18e0: FileDescription: Anti-Virus Mini-Firewall Driver
603. 5f00.18e0: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
604. 5f00.18e0: Calling main()
605. 5f00.18e0: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
606. 5f00.18e0: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
607. 5f00.18e0: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
608. 5f00.18e0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
609. 5f00.18e0: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
610. 5f00.18e0: SUPR3HardenedMain: Respawn #2
611. 5f00.18e0: supR3HardNtEnableThreadCreationEx:
612. 5f00.18e0: supR3HardenedDllNotificationCallback: load 00007ffab9040000 LB 0x0009e000 C:\Windows\System32\sechost.dll [fFlags=0x0]
613. 5f00.18e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
614. 5f00.18e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
615. 5f00.18e0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
616. 5f00.18e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll)
617. 5f00.18e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
618. 5f00.18e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
619. 5f00.18e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab9260000 'C:\Windows\System32\ntdll.dll'
620. 5f00.18e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\KernelBase.dll [lacks WinVerifyTrust]
621. 5f00.18e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KernelBase.dll (Input=KernelBase, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
622. 5f00.18e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'C:\Windows\System32\KernelBase.dll'
623. 5f00.18e0: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffab92daf50 pvNtTerminateThread=00007ffab9304960
624. 5f00.18e0: supR3HardenedWinDoReSpawn(2): New child 37b8.37bc [kernel32].
625. 5f00.18e0: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
626. 5f00.18e0: supR3HardNtChildGatherData: PebBaseAddress=00000000005b5000 cbPeb=0x388
627. 5f00.18e0: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffab9260000 uNtDllChildAddr=00007ffab9260000
628. 5f00.18e0: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffab92daf50
629. 5f00.18e0: supR3HardenedWinSetupChildInit: Initial context:
630. rax=0000000000000000 rbx=0000000000000000 rcx=00007ff755637900 rdx=00000000005b5000
631. rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
632. r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
633. r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
634. rip=00007ffab9264830 rsp=00000000003ffe98 rbp=0000000000000000 ctxflags=0010001b
635. cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
636. P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
637. dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
638. dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
639. lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
640. 5f00.18e0: kernel32.dll: timestamp 0xafec8296 (rc=VINF_SUCCESS)
641. 5f00.18e0: supR3HardenedWinSetupChildInit: Start child.
642. 5f00.18e0: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
643. 5f00.18e0: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 33 sleeps
644. 5f00.18e0: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
645. 5f00.18e0: *0000000000000000-00000000002bffff 0x0001/0x0000 0x0000000
646. 5f00.18e0: *00000000002c0000-00000000002dffff 0x0004/0x0004 0x0020000
647. 5f00.18e0: *00000000002e0000-00000000002fefff 0x0002/0x0002 0x0040000
648. 5f00.18e0: 00000000002ff000-00000000002fffff 0x0001/0x0000 0x0000000
649. 5f00.18e0: *0000000000300000-00000000003fafff 0x0000/0x0004 0x0020000
650. 5f00.18e0: 00000000003fb000-00000000003fdfff 0x0104/0x0004 0x0020000
651. 5f00.18e0: 00000000003fe000-00000000003fffff 0x0004/0x0004 0x0020000
652. 5f00.18e0: *0000000000400000-00000000005b4fff 0x0000/0x0004 0x0020000
653. 5f00.18e0: 00000000005b5000-00000000005b7fff 0x0004/0x0004 0x0020000
654. 5f00.18e0: 00000000005b8000-00000000005fffff 0x0000/0x0004 0x0020000
655. 5f00.18e0: *0000000000600000-0000000000603fff 0x0002/0x0002 0x0040000
656. 5f00.18e0: 0000000000604000-000000000060ffff 0x0001/0x0000 0x0000000
657. 5f00.18e0: *0000000000610000-0000000000611fff 0x0004/0x0004 0x0020000
658. 5f00.18e0: 0000000000612000-000000007ffdffff 0x0001/0x0000 0x0000000
659. 5f00.18e0: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
660. 5f00.18e0: *000000007ffe1000-000000007ffe1fff 0x0002/0x0002 0x0020000
661. 5f00.18e0: 000000007ffe2000-00007ff59a0effff 0x0001/0x0000 0x0000000
662. 5f00.18e0: *00007ff59a0f0000-00007ff59a0f0fff 0x0002/0x0002 0x0040000
663. 5f00.18e0: 00007ff59a0f1000-00007ff75562ffff 0x0001/0x0000 0x0000000
664. 5f00.18e0: *00007ff755630000-00007ff755630fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
665. 5f00.18e0: 00007ff755631000-00007ff7556a7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
666. 5f00.18e0: 00007ff7556a8000-00007ff7556a8fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
667. 5f00.18e0: 00007ff7556a9000-00007ff7556f1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
668. 5f00.18e0: 00007ff7556f2000-00007ff7556f2fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
669. 5f00.18e0: 00007ff7556f3000-00007ff7556f3fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
670. 5f00.18e0: 00007ff7556f4000-00007ff7556f8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
671. 5f00.18e0: 00007ff7556f9000-00007ff7556f9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
672. 5f00.18e0: 00007ff7556fa000-00007ff7556fafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
673. 5f00.18e0: 00007ff7556fb000-00007ff7556fefff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
674. 5f00.18e0: 00007ff7556ff000-00007ff755747fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
675. 5f00.18e0: 00007ff755748000-00007ffab925ffff 0x0001/0x0000 0x0000000
676. 5f00.18e0: *00007ffab9260000-00007ffab9260fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
677. 5f00.18e0: 00007ffab9261000-00007ffab938bfff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
678. 5f00.18e0: 00007ffab938c000-00007ffab93d3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
679. 5f00.18e0: 00007ffab93d4000-00007ffab93dffff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
680. 5f00.18e0: 00007ffab93e0000-00007ffab93eefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
681. 5f00.18e0: 00007ffab93ef000-00007ffab93effff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
682. 5f00.18e0: 00007ffab93f0000-00007ffab93f2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
683. 5f00.18e0: 00007ffab93f3000-00007ffab9468fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume3\Windows\System32\ntdll.dll
684. 5f00.18e0: 00007ffab9469000-00007ffffffeffff 0x0001/0x0000 0x0000000
685. 5f00.18e0: VirtualBoxVM.exe: timestamp 0x623a5dfe (rc=VINF_SUCCESS)
686. 5f00.18e0: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
687. 5f00.18e0: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
688. 5f00.18e0: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
689. 5f00.18e0: supR3HardNtChildPurify: Done after 545 ms and 0 fixes (loop #0).
690. 5f00.18e0: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000b20000 LB 0x800000)
691. 37b8.37bc: Log file opened: 6.1.34r150636 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa055f000
692. 5f00.18e0: supR3HardNtEnableThreadCreationEx:
693. 37b8.37bc: supR3HardenedVmProcessInit: uNtDllAddr=00007ffab9260000 g_uNtVerCombined=0xa055f000 (stack ~00000000003ff918)
694. 37b8.37bc: ntdll.dll: timestamp 0x5398ab6f (rc=VINF_SUCCESS)
695. 37b8.37bc: New simple heap: #1 0000000000720000 LB 0x800000 (for 2134016 allocation)
696. 37b8.37bc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
697. 37b8.37bc: System32: \Device\HarddiskVolume3\Windows\System32
698. 37b8.37bc: WinSxS: \Device\HarddiskVolume3\Windows\WinSxS
699. 37b8.37bc: KnownDllPath: C:\Windows\System32
700. 37b8.37bc: supR3HardenedVmProcessInit: Opening vboxdrv...
701. 37b8.37bc: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
702. 37b8.37bc: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
703. 37b8.37bc: Registered Dll notification callback with NTDLL.
704. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel32.dll)
705. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel32.dll
706. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
707. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab69a0000 LB 0x00379000 C:\Windows\System32\KERNELBASE.dll [fFlags=0x0]
708. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\KernelBase.dll)
709. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\KernelBase.dll
710. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab7880000 LB 0x000bd000 C:\Windows\System32\KERNEL32.DLL [fFlags=0x0]
711. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
712. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\KERNEL32.DLL'
713. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ff755630000 LB 0x00118000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
714. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
715. 37b8.37bc: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
716. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
717. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
718. 37b8.37bc: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffab92daf50 pvNtTerminateThread=00007ffab9304960
719. 5f00.18e0: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 91 ms.
720. 37b8.37bc: \SystemRoot\System32\ntdll.dll:
721. 37b8.37bc: CreationTime: 2022-07-13T09:48:33.425384000Z
722. 37b8.37bc: LastWriteTime: 2022-07-13T09:48:33.464782100Z
723. 37b8.37bc: ChangeTime: 2022-07-15T09:20:37.898077300Z
724. 37b8.37bc: FileAttributes: 0x20
725. 37b8.37bc: Size: 0x207e08
726. 37b8.37bc: NT Headers: 0xe0
727. 37b8.37bc: Timestamp: 0x5398ab6f
728. 37b8.37bc: Machine: 0x8664 - amd64
729. 37b8.37bc: Timestamp: 0x5398ab6f
730. 37b8.37bc: Image Version: 10.0
731. 37b8.37bc: SizeOfImage: 0x209000 (2134016)
732. 37b8.37bc: Resource Dir: 0x194000 LB 0x73528
733. 37b8.37bc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
734. 37b8.37bc: [Raw version resource data: 0x1940f0 LB 0x380, codepage 0x0 (reserved 0x0)]
735. 37b8.37bc: ProductName: Microsoft® Windows® Operating System
736. 37b8.37bc: ProductVersion: 10.0.22000.778
737. 37b8.37bc: FileVersion: 10.0.22000.778 (WinBuild.160101.0800)
738. 37b8.37bc: FileDescription: NT Layer DLL
739. 37b8.37bc: \SystemRoot\System32\kernel32.dll:
740. 37b8.37bc: CreationTime: 2022-06-16T22:13:47.886924000Z
741. 37b8.37bc: LastWriteTime: 2022-06-16T22:13:47.899916800Z
742. 37b8.37bc: ChangeTime: 2022-07-13T09:49:56.810738300Z
743. 37b8.37bc: FileAttributes: 0x20
744. 37b8.37bc: Size: 0xc0058
745. 37b8.37bc: NT Headers: 0xf8
746. 37b8.37bc: Timestamp: 0xafec8296
747. 37b8.37bc: Machine: 0x8664 - amd64
748. 37b8.37bc: Timestamp: 0xafec8296
749. 37b8.37bc: Image Version: 10.0
750. 37b8.37bc: SizeOfImage: 0xbd000 (774144)
751. 37b8.37bc: Resource Dir: 0xbb000 LB 0x520
752. 37b8.37bc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
753. 37b8.37bc: [Raw version resource data: 0xbb0b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
754. 37b8.37bc: ProductName: Microsoft® Windows® Operating System
755. 37b8.37bc: ProductVersion: 10.0.22000.708
756. 37b8.37bc: FileVersion: 10.0.22000.708 (WinBuild.160101.0800)
757. 37b8.37bc: FileDescription: Windows NT BASE API Client DLL
758. 37b8.37bc: \SystemRoot\System32\KernelBase.dll:
759. 37b8.37bc: CreationTime: 2022-07-13T09:48:33.970578400Z
760. 37b8.37bc: LastWriteTime: 2022-07-13T09:48:34.072201200Z
761. 37b8.37bc: ChangeTime: 2022-07-15T09:21:13.777271800Z
762. 37b8.37bc: FileAttributes: 0x20
763. 37b8.37bc: Size: 0x380268
764. 37b8.37bc: NT Headers: 0xf8
765. 37b8.37bc: Timestamp: 0x960371d1
766. 37b8.37bc: Machine: 0x8664 - amd64
767. 37b8.37bc: Timestamp: 0x960371d1
768. 37b8.37bc: Image Version: 10.0
769. 37b8.37bc: SizeOfImage: 0x379000 (3641344)
770. 37b8.37bc: Resource Dir: 0x34a000 LB 0x548
771. 37b8.37bc: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
772. 37b8.37bc: [Raw version resource data: 0x34a0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
773. 37b8.37bc: ProductName: Microsoft® Windows® Operating System
774. 37b8.37bc: ProductVersion: 10.0.22000.795
775. 37b8.37bc: FileVersion: 10.0.22000.795 (WinBuild.160101.0800)
776. 37b8.37bc: FileDescription: Windows NT BASE API Client DLL
777. 37b8.37bc: \SystemRoot\System32\apisetschema.dll:
778. 37b8.37bc: CreationTime: 2021-06-05T12:04:59.928787900Z
779. 37b8.37bc: LastWriteTime: 2021-06-05T12:04:59.928787900Z
780. 37b8.37bc: ChangeTime: 2022-07-13T09:49:56.784497700Z
781. 37b8.37bc: FileAttributes: 0x20
782. 37b8.37bc: Size: 0x24150
783. 37b8.37bc: NT Headers: 0xc8
784. 37b8.37bc: Timestamp: 0x68d1dbaf
785. 37b8.37bc: Machine: 0x8664 - amd64
786. 37b8.37bc: Timestamp: 0x68d1dbaf
787. 37b8.37bc: Image Version: 10.0
788. 37b8.37bc: SizeOfImage: 0x23000 (143360)
789. 37b8.37bc: Resource Dir: 0x22000 LB 0x408
790. 37b8.37bc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
791. 37b8.37bc: [Raw version resource data: 0x22060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
792. 37b8.37bc: ProductName: Microsoft® Windows® Operating System
793. 37b8.37bc: ProductVersion: 10.0.22000.1
794. 37b8.37bc: FileVersion: 10.0.22000.1 (WinBuild.160101.0800)
795. 37b8.37bc: FileDescription: ApiSet Schema DLL
796. 37b8.37bc: NtOpenDirectoryObject failed on \Driver: 0xc0000022
797. 37b8.37bc: supR3HardenedWinFindAdversaries: 0x20
798. 37b8.37bc: \SystemRoot\System32\drivers\cfwids.sys:
799. 37b8.37bc: CreationTime: 2021-03-02T21:06:14.000000000Z
800. 37b8.37bc: LastWriteTime: 2021-09-28T21:02:42.000000000Z
801. 37b8.37bc: ChangeTime: 2022-02-17T14:13:42.561653600Z
802. 37b8.37bc: FileAttributes: 0x20
803. 37b8.37bc: Size: 0x12400
804. 37b8.37bc: NT Headers: 0xe0
805. 37b8.37bc: Timestamp: 0x6144daa5
806. 37b8.37bc: Machine: 0x8664 - amd64
807. 37b8.37bc: Timestamp: 0x6144daa5
808. 37b8.37bc: Image Version: 10.0
809. 37b8.37bc: SizeOfImage: 0x13000 (77824)
810. 37b8.37bc: Resource Dir: 0x11000 LB 0x550
811. 37b8.37bc: [Version info resource found at 0x80! (ID/Name: 0x1; SubID/SubName: 0x409)]
812. 37b8.37bc: [Raw version resource data: 0x110a0 LB 0x318, codepage 0x0 (reserved 0x0)]
813. 37b8.37bc: ProductName: SYSCORE
814. 37b8.37bc: ProductVersion: 21.09.0.184
815. 37b8.37bc: FileVersion: SYSCORE.21.09.0.184
816. 37b8.37bc: PrivateBuild: SYSCORE.21.09.0.184
817. 37b8.37bc: FileDescription: McAfee Personal Firewall IDS Plugin
818. 37b8.37bc: \SystemRoot\System32\drivers\mfeavfk.sys:
819. 37b8.37bc: CreationTime: 2021-03-02T21:06:12.000000000Z
820. 37b8.37bc: LastWriteTime: 2021-09-28T21:02:42.000000000Z
821. 37b8.37bc: ChangeTime: 2022-02-17T14:13:42.404177800Z
822. 37b8.37bc: FileAttributes: 0x20
823. 37b8.37bc: Size: 0x5f600
824. 37b8.37bc: NT Headers: 0xf0
825. 37b8.37bc: Timestamp: 0x6144da96
826. 37b8.37bc: Machine: 0x8664 - amd64
827. 37b8.37bc: Timestamp: 0x6144da96
828. 37b8.37bc: Image Version: 10.0
829. 37b8.37bc: SizeOfImage: 0x60000 (393216)
830. 37b8.37bc: Resource Dir: 0x5e000 LB 0x758
831. 37b8.37bc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
832. 37b8.37bc: [Raw version resource data: 0x5e110 LB 0x334, codepage 0x0 (reserved 0x0)]
833. 37b8.37bc: ProductName: SYSCORE
834. 37b8.37bc: ProductVersion: 21.09.0.184
835. 37b8.37bc: FileVersion: SYSCORE.21.09.0.184
836. 37b8.37bc: PrivateBuild: SYSCORE.21.09.0.184 F15,F16,F19
837. 37b8.37bc: FileDescription: Anti-Virus File System Filter Driver
838. 37b8.37bc: \SystemRoot\System32\drivers\mfefirek.sys:
839. 37b8.37bc: CreationTime: 2021-03-02T21:06:12.000000000Z
840. 37b8.37bc: LastWriteTime: 2021-09-28T21:02:42.000000000Z
841. 37b8.37bc: ChangeTime: 2022-02-17T14:13:42.380174300Z
842. 37b8.37bc: FileAttributes: 0x20
843. 37b8.37bc: Size: 0x80800
844. 37b8.37bc: NT Headers: 0xd8
845. 37b8.37bc: Timestamp: 0x6144daa7
846. 37b8.37bc: Machine: 0x8664 - amd64
847. 37b8.37bc: Timestamp: 0x6144daa7
848. 37b8.37bc: Image Version: 10.0
849. 37b8.37bc: SizeOfImage: 0x82000 (532480)
850. 37b8.37bc: Resource Dir: 0x80000 LB 0x388
851. 37b8.37bc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
852. 37b8.37bc: [Raw version resource data: 0x80060 LB 0x328, codepage 0x0 (reserved 0x0)]
853. 37b8.37bc: ProductName: SYSCORE
854. 37b8.37bc: ProductVersion: 21.09.0.184
855. 37b8.37bc: FileVersion: SYSCORE.21.09.0.184
856. 37b8.37bc: PrivateBuild: SYSCORE.21.09.0.184 F17,F18
857. 37b8.37bc: FileDescription: McAfee Core Firewall Engine Driver
858. 37b8.37bc: \SystemRoot\System32\drivers\mfehidk.sys:
859. 37b8.37bc: CreationTime: 2021-03-02T21:06:14.000000000Z
860. 37b8.37bc: LastWriteTime: 2021-09-28T21:02:40.000000000Z
861. 37b8.37bc: ChangeTime: 2022-02-17T14:13:42.033393300Z
862. 37b8.37bc: FileAttributes: 0x20
863. 37b8.37bc: Size: 0x109c00
864. 37b8.37bc: NT Headers: 0x100
865. 37b8.37bc: Timestamp: 0x6144db21
866. 37b8.37bc: Machine: 0x8664 - amd64
867. 37b8.37bc: Timestamp: 0x6144db21
868. 37b8.37bc: Image Version: 10.0
869. 37b8.37bc: SizeOfImage: 0x115000 (1134592)
870. 37b8.37bc: Resource Dir: 0x112000 LB 0x780
871. 37b8.37bc: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
872. 37b8.37bc: [Raw version resource data: 0x112110 LB 0x320, codepage 0x0 (reserved 0x0)]
873. 37b8.37bc: ProductName: SYSCORE
874. 37b8.37bc: ProductVersion: 21.09.0.184
875. 37b8.37bc: FileVersion: SYSCORE.21.09.0.184
876. 37b8.37bc: PrivateBuild: SYSCORE.21.09.0.184 F14,F15,F16,F18,F20
877. 37b8.37bc: FileDescription: McAfee Link Driver
878. 37b8.37bc: \SystemRoot\System32\drivers\mfencbdc.sys:
879. 37b8.37bc: CreationTime: 2021-09-16T08:52:14.000000000Z
880. 37b8.37bc: LastWriteTime: 2021-09-16T08:52:14.000000000Z
881. 37b8.37bc: ChangeTime: 2022-02-17T14:15:27.567390100Z
882. 37b8.37bc: FileAttributes: 0x20
883. 37b8.37bc: Size: 0x9be00
884. 37b8.37bc: NT Headers: 0xe0
885. 37b8.37bc: Timestamp: 0x61403be3
886. 37b8.37bc: Machine: 0x8664 - amd64
887. 37b8.37bc: Timestamp: 0x61403be3
888. 37b8.37bc: Image Version: 10.0
889. 37b8.37bc: SizeOfImage: 0xad000 (708608)
890. 37b8.37bc: Resource Dir: 0xab000 LB 0x3d0
891. 37b8.37bc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
892. 37b8.37bc: [Raw version resource data: 0xab060 LB 0x370, codepage 0x0 (reserved 0x0)]
893. 37b8.37bc: ProductName: Anti-Malware Core
894. 37b8.37bc: ProductVersion: 21.9.0
895. 37b8.37bc: FileVersion: Anti-Malware Core.21.9.0.327
896. 37b8.37bc: PrivateBuild: Anti-Malware Core.21.9.0.327
897. 37b8.37bc: FileDescription: Event Driver
898. 37b8.37bc: \SystemRoot\System32\drivers\mfewfpk.sys:
899. 37b8.37bc: CreationTime: 2021-03-02T21:06:12.000000000Z
900. 37b8.37bc: LastWriteTime: 2021-09-28T21:02:42.000000000Z
901. 37b8.37bc: ChangeTime: 2022-02-17T14:13:40.787639300Z
902. 37b8.37bc: FileAttributes: 0x20
903. 37b8.37bc: Size: 0x3ea00
904. 37b8.37bc: NT Headers: 0xe0
905. 37b8.37bc: Timestamp: 0x6144da96
906. 37b8.37bc: Machine: 0x8664 - amd64
907. 37b8.37bc: Timestamp: 0x6144da96
908. 37b8.37bc: Image Version: 10.0
909. 37b8.37bc: SizeOfImage: 0x5a000 (368640)
910. 37b8.37bc: Resource Dir: 0x58000 LB 0x380
911. 37b8.37bc: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
912. 37b8.37bc: [Raw version resource data: 0x58060 LB 0x320, codepage 0x0 (reserved 0x0)]
913. 37b8.37bc: ProductName: SYSCORE
914. 37b8.37bc: ProductVersion: 21.09.0.184
915. 37b8.37bc: FileVersion: SYSCORE.21.09.0.184
916. 37b8.37bc: PrivateBuild: SYSCORE.21.09.0.184 F17,F18
917. 37b8.37bc: FileDescription: Anti-Virus Mini-Firewall Driver
918. 37b8.37bc: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
919. 37b8.37bc: Calling main()
920. 37b8.37bc: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
921. 37b8.37bc: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox'
922. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe: Signature #1/2: info status: 24202
923. 37b8.37bc: '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
924. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
925. 37b8.37bc: SUPR3HardenedMain: Final process, opening VBoxDrv...
926. 37b8.37bc: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000720000 LB 0x800000)
927. 37b8.37bc: supR3HardNtEnableThreadCreationEx:
928. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll: Signature #1/2: info status: 24202
929. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
930. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
931. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
932. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
933. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaad010000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
934. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
935. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
936. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
937. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaad010000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
938. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
939. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
940. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaad010000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
941. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaad010000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
942. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
943. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
944. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wintrust.dll)
945. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wintrust.dll
946. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
947. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
948. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll)
949. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
950. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
951. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
952. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcrt.dll)
953. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
954. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
955. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab83f0000 LB 0x000a3000 C:\Windows\System32\msvcrt.dll [fFlags=0x0]
956. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
957. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab7760000 LB 0x00120000 C:\Windows\System32\RPCRT4.dll [fFlags=0x0]
958. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
959. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab68b0000 LB 0x00067000 C:\Windows\System32\Wintrust.dll [fFlags=0x0]
960. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
961. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6dc0000 LB 0x00111000 C:\Windows\System32\ucrtbase.dll [fFlags=0x0]
962. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll)
963. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ucrtbase.dll
964. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6740000 LB 0x00162000 C:\Windows\System32\CRYPT32.dll [fFlags=0x0]
965. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\crypt32.dll)
966. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\crypt32.dll
967. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
968. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
969. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
970. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
971. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
972. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-fibers-l1-1-1'
973. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
974. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
975. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
976. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
977. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
978. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-localization-l1-2-1'
979. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msasn1.dll)
980. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msasn1.dll
981. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6030000 LB 0x00012000 C:\Windows\SYSTEM32\MSASN1.dll [fFlags=0x0]
982. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
983. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab68b0000 'C:\Windows\system32\Wintrust.dll'
984. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcrypt.dll)
985. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcrypt.dll
986. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
987. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
988. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6120000 LB 0x00027000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
989. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
990. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6120000 'C:\Windows\system32\bcrypt.dll'
991. 37b8.37bc: bcrypt.dll loaded at 00007ffab6120000, BCryptOpenAlgorithmProvider at 00007ffab6125a30, preloading providers:
992. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll)
993. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
994. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
995. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6920000 LB 0x0007f000 C:\Windows\System32\bcryptprimitives.dll [fFlags=0x0]
996. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
997. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6920000 'C:\Windows\system32\bcryptprimitives.dll'
998. 37b8.37bc: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=00000000011507f0)
999. 37b8.37bc: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000001151dc0)
1000. 37b8.37bc: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000001152110)
1001. 37b8.37bc: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000001152460)
1002. 37b8.37bc: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=00000000011527b0)
1003. 37b8.37bc: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000001152b00)
1004. 37b8.37bc: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000001152e50)
1005. 37b8.37bc: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=00000000011531a0)
1006. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptsp.dll)
1007. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptsp.dll
1008. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab5fe0000 LB 0x00018000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
1009. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
1010. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\rsaenh.dll)
1011. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
1012. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1013. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1014. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab5850000 LB 0x00035000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
1015. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1016. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1017. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptbase.dll)
1018. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptbase.dll
1019. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab5f00000 LB 0x0000c000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
1020. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
1021. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1022. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1023. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\kernel32.dll'
1024. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1025. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1026. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab68b0000 'C:\Windows\System32\WINTRUST.DLL'
1027. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1028. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1029. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\CRYPT32.dll'
1030. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab7730000 LB 0x0001f000 C:\Windows\System32\imagehlp.dll [fFlags=0x0]
1031. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imagehlp.dll)
1032. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imagehlp.dll
1033. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1034. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1035. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1036. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab9040000 LB 0x0009e000 C:\Windows\System32\sechost.dll [fFlags=0x0]
1037. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\sechost.dll)
1038. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\sechost.dll
1039. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1040. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1041. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gpapi.dll)
1042. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gpapi.dll
1043. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab5d80000 LB 0x00024000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
1044. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1045. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\profapi.dll)
1046. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\profapi.dll
1047. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6670000 LB 0x00021000 C:\Windows\SYSTEM32\profapi.dll [fFlags=0x0]
1048. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\profapi.dll [lacks WinVerifyTrust]
1049. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1050. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
1051. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cryptnet.dll)
1052. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cryptnet.dll
1053. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1054. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume3\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1055. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1056. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1057. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1058. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1059. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1060. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1061. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1062. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1063. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1064. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1065. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1066. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1067. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaa3720000 LB 0x00031000 C:\Windows\System32\cryptnet.dll [fFlags=0x0]
1068. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1069. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1070. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1071. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1072. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1073. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1074. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1075. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1076. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1077. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1078. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1079. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1080. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1081. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1082. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1083. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1084. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1085. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1086. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1087. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1088. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1089. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1090. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1091. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1092. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1093. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1094. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1095. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1096. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1097. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1098. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1099. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa3720000 'C:\Windows\System32\cryptnet.dll'
1100. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab90e0000 LB 0x000ae000 C:\Windows\System32\advapi32.dll [fFlags=0x0]
1101. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1102. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
1103. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
1104. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\advapi32.dll)
1105. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\advapi32.dll
1106. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1107. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1108. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1109. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1110. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
1111. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume3\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
1112. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\sechost.dll [lacks WinVerifyTrust]
1113. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1114. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1115. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1116. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1117. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1118. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1119. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1120. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1121. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1122. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000001236bc0
1123. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
1124. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9645A818EDD1CE222F74503C54ECACF6B01D5633
1125. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1126. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1127. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7760000 'C:\Windows\System32\rpcrt4.dll'
1128. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1129. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1130. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1131. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1132. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1133. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1134. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.22000.795.cat'; file='\SystemRoot\System32\ntdll.dll'
1135. 37b8.37bc: g_pfnWinVerifyTrust=00007ffab68c04a0
1136. 37b8.37bc: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1137. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1138. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1139. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1140. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1141. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1142. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1143. 37b8.37bc: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\crypt32.dll'
1144. 37b8.37bc: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1145. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1146. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1147. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1148. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
1149. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1150. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1151. 37b8.37bc: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\wintrust.dll'
1152. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1153. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1154. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1155. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
1156. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1157. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1158. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\advapi32.dll'
1159. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1160. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1161. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1162. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptnet.dll'
1163. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1164. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1165. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1166. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\profapi.dll'
1167. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1168. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1169. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1170. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gpapi.dll'
1171. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1172. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1173. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1174. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\sechost.dll'
1175. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1176. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1177. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1178. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imagehlp.dll'
1179. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1180. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1181. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1182. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptbase.dll'
1183. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1184. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1185. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1186. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rsaenh.dll'
1187. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
1188. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1189. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1190. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
1191. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1192. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1193. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cryptsp.dll'
1194. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1195. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1196. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll'
1197. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1198. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1199. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\bcrypt.dll'
1200. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1201. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1202. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msasn1.dll'
1203. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1204. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1205. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\ucrtbase.dll'
1206. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1207. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1208. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll'
1209. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1210. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1211. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll'
1212. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1213. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1214. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1215. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
1216. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1217. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1218. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\KernelBase.dll'
1219. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1220. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1221. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel32.dll'
1222. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\system32\crypt32.dll'
1223. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1224. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1225. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1226. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1227. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
1228. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1229. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1230. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1231. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
1232. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1233. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1234. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1235. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
1236. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA
1237. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1238. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d993fde1950a700 C=US, O=IdenTrust, CN=IdenTrust Commercial Root CA 1
1239. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
1240. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
1241. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xbbde687390e6bf00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Trusted Root G4
1242. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1243. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xe248b7eeee4af00 C=CH, O=SwissSign AG, CN=SwissSign Gold CA - G2
1244. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1245. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1246. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
1247. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3714f47324e8ad00 C=US, O=Internet Security Research Group, CN=ISRG Root X1
1248. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1249. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1250. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1251. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1252. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1253. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3178d37f87f1c400 C=CH, O=SwissSign AG, CN=SwissSign Silver CA - G2
1254. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1255. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1256. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1257. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf966ca73e8079500 OU=GlobalSign Root CA - R6, O=GlobalSign, CN=GlobalSign
1258. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xbebef0d2217f0bfb C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G3
1259. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1260. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1261. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1262. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xb352b1523915d000 C=JP, O=SECOM Trust Systems CO.,LTD., OU=Security Communication RootCA2
1263. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x73e85f1bda5faa00 C=DE, O=T-Systems Enterprise Services GmbH, OU=T-Systems Trust Center, CN=T-TeleSec GlobalRoot Class 2
1264. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xb28612a94b4dad00 O=Entrust.net, OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.), OU=(c) 1999 Entrust.net Limited, CN=Entrust.net Certification Authority (2048)
1265. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xe87add30c52db600 C=BE, O=GlobalSign nv-sa, CN=GlobalSign Code Signing Root R45
1266. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1267. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1268. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1269. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
1270. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1271. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
1272. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x7b3081c535b843ae C=US, O=Google Trust Services LLC, CN=GTS Root R4
1273. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1274. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xdc1801b225aea100 C=BM, O=QuoVadis Limited, CN=QuoVadis Root CA 2 G3
1275. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
1276. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1277. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1278. 37b8.37bc: supR3HardenedWinIsDesiredRootCA: Adding 0xfc891b3fa9f8c200 C=GR, L=Athens, O=Hellenic Academic and Research Institutions Cert. Authority, CN=Hellenic Academic and Research Institutions RootCA 2015
1279. 37b8.37bc: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=56
1280. 37b8.37bc: SUPR3HardenedMain: Load Runtime...
1281. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll: Signature #1/2: info status: 24202
1282. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1283. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1284. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1285. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1286. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1287. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1288. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1289. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1290. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1291. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1292. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1293. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1294. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ws2_32.dll) WinVerifyTrust
1295. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
1296. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1297. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1298. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
1299. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1300. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1301. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll: Signature #1/2: info status: 24202
1302. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1303. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1304. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
1305. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1306. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1307. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1308. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
1309. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1310. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1311. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
1312. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1313. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1314. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll: Signature #1/2: info status: 24202
1315. 37b8.37bc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1316. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll)
1317. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
1318. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1319. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1320. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1321. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1322. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1323. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
1324. 37b8.37bc: supR3HardenedDllNotificationCallback: load 000000006cda0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1325. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1326. 37b8.37bc: supR3HardenedDllNotificationCallback: load 000000006c790000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1327. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
1328. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab91b0000 LB 0x0006f000 C:\Windows\System32\WS2_32.dll [fFlags=0x0]
1329. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
1330. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa6ad30000 LB 0x005ec000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1331. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1332. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1333. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1334. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1335. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1336. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1337. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1338. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1339. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1340. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1341. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1342. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1343. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1344. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1345. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1346. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1347. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1348. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1349. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1350. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1351. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1352. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1353. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1354. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1355. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1356. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1357. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1358. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1359. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1360. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1361. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1362. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1363. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1364. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1365. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1366. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1367. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1368. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1369. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1370. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1371. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1372. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1373. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1374. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1375. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1376. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1377. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1378. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1379. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1380. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1381. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1382. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1383. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1384. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1385. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1386. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1387. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1388. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1389. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1390. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1391. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1392. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1393. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1394. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1395. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1396. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1397. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1398. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1399. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1400. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1401. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1402. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1403. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1404. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1405. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1406. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1407. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1408. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1409. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1410. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1411. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1412. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1413. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1414. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1415. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1416. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1417. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1418. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1419. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1420. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1421. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1422. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1423. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1424. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1425. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1426. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1427. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1428. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1429. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1430. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1431. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1432. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1433. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1434. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1435. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1436. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1437. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1438. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1439. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1440. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1441. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1442. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1443. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1444. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1445. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1446. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1447. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1448. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1449. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1450. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1451. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1452. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1453. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1454. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1455. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1456. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1457. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1458. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1459. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1460. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1461. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1462. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1463. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1464. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1465. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1466. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1467. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1468. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1469. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1470. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1471. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1472. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1473. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1474. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1475. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1476. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1477. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1478. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1479. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1480. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1481. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1482. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1483. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1484. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1485. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1486. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1487. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1488. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1489. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1490. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1491. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1492. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1493. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxRT.dll
1494. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1495. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1496. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1497. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1498. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1499. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1500. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1501. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1502. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1503. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1504. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1505. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1506. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1507. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1508. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6ad30000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1509. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1510. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll'
1511. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
1512. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1513. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab68b0000 'C:\Windows\system32\Wintrust.dll'
1514. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
1515. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1516. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1517. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1518. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1519. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1520. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\system32\crypt32.dll'
1521. 37b8.37bc: SUPR3HardenedMain: Load TrustedMain...
1522. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll: Signature #1/2: info status: 24202
1523. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1524. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1525. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1526. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1527. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1528. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1529. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1530. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1531. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1532. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1533. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1534. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1535. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1536. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1537. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1538. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1539. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1540. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1541. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1542. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1543. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1544. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winmm.dll) WinVerifyTrust
1545. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winmm.dll
1546. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1547. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1548. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1549. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1550. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
1551. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1552. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1553. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1554. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
1555. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'rpcrt4.dll'.
1556. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\oleaut32.dll) WinVerifyTrust
1557. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
1558. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1559. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1560. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1561. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1562. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
1563. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1564. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1565. 37b8.37bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
1566. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1567. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\combase.dll)
1568. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\combase.dll
1569. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1570. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1571. 37b8.37bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
1572. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll)
1573. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
1574. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1575. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1576. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
1577. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1578. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
1579. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1580. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1581. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1582. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'gdi32.dll'.
1583. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'user32.dll'.
1584. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
1585. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ole32.dll) WinVerifyTrust
1586. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ole32.dll
1587. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1588. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1589. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1590. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1591. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [lacks WinVerifyTrust]
1592. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1593. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1594. 37b8.37bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
1595. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1596. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
1597. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll)
1598. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\user32.dll
1599. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1600. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1601. 37b8.37bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
1602. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'win32u.dll'.
1603. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32.dll)
1604. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32.dll
1605. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1606. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1607. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
1608. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1609. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1610. 37b8.37bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
1611. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\win32u.dll)
1612. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\win32u.dll
1613. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1614. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1615. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1616. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1617. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1618. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1619. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1620. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1621. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1622. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
1623. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\user32.dll) WinVerifyTrust
1624. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1625. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1626. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll: Signature #1/2: info status: 24202
1627. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1628. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1629. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1630. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1631. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1632. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1633. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1634. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1635. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1636. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1637. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1638. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1639. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1640. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1641. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1642. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
1643. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1644. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1645. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
1646. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1647. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1648. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll: Signature #1/2: info status: 24202
1649. 37b8.37bc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
1650. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1651. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1652. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1653. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1654. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1655. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1656. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1657. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1658. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
1659. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1660. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1661. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1662. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll: Signature #1/2: info status: 24202
1663. 37b8.37bc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
1664. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1665. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1666. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1667. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1668. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1669. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1670. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1671. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
1672. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1673. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1674. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1675. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll: Signature #1/2: info status: 24202
1676. 37b8.37bc: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1677. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1678. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1679. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1680. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1681. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1682. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1683. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1684. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
1685. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1686. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1687. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1688. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
1689. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1690. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1691. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
1692. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1693. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1694. 37b8.37bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
1695. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1696. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #71 'user32.dll'.
1697. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #73 'gdi32.dll'.
1698. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shell32.dll)
1699. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shell32.dll
1700. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1701. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1702. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1703. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1704. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1705. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1706. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1707. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1708. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1709. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1710. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1711. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1712. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1713. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1714. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
1715. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1716. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1717. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
1718. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1719. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1720. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1721. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1722. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1723. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1724. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1725. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1726. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1727. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1728. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1729. 37b8.37bc: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'.
1730. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1731. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1732. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1733. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'gdi32.dll'.
1734. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'glu32.dll'.
1735. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\opengl32.dll)
1736. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\opengl32.dll
1737. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1738. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1739. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
1740. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1741. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1742. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
1743. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1744. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1745. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
1746. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1747. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1748. 37b8.37bc: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
1749. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\mpr.dll)
1750. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\mpr.dll
1751. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1752. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1753. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
1754. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1755. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1756. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
1757. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1758. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1759. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
1760. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1761. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1762. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1763. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1764. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1765. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1766. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1767. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1768. 37b8.37bc: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
1769. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1770. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1771. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
1772. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\glu32.dll)
1773. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\glu32.dll
1774. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1775. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1776. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1777. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1778. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1779. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1780. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1781. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1782. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
1783. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1784. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1785. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
1786. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1787. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1788. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1789. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1790. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1791. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1792. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1793. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1794. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [lacks WinVerifyTrust]
1795. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1796. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1797. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1798. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1799. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1800. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1801. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1802. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1803. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
1804. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1805. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1806. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1807. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1808. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1809. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1810. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1811. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1812. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1813. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1814. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1815. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
1816. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1817. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1818. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
1819. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1820. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1821. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
1822. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1823. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1824. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1825. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1826. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1827. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1828. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1829. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1830. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1831. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1832. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1833. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1834. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1835. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1836. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1837. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1838. 37b8.37bc: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
1839. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1840. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1841. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
1842. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1843. 37b8.37bc: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
1844. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1845. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1846. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
1847. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1848. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1849. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
1850. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1851. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1852. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1853. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1854. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll: Signature #1/2: info status: 24202
1855. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1856. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1857. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1858. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1859. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1860. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1861. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1862. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1863. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1864. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1865. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1866. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
1867. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
1868. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1869. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume3\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1870. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1871. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000001e8 pwszName=\Device\HarddiskVolume3\Windows\System32\opengl32.dll
1872. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
1873. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
1874. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2D524BD25A743CA0A9032840CDC536A92793110A
1875. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1876. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1877. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1878. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1879. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
1880. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1881. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1882. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
1883. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1884. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1885. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
1886. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1887. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1888. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [lacks WinVerifyTrust]
1889. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1890. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1891. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
1892. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1893. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1894. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1895. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1896. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1897. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1898. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1899. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1900. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1901. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1902. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
1903. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
1904. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpenGL-Package~31bf3856ad364e35~amd64~~10.0.22000.708.cat'; file='\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
1905. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1906. 37b8.37bc: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\opengl32.dll'
1907. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1908. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1909. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
1910. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
1911. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1912. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1913. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1914. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1915. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
1916. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1917. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1918. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1919. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'.
1920. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DXCore.dll)
1921. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DXCore.dll
1922. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6ee0000 LB 0x00026000 C:\Windows\System32\win32u.dll [fFlags=0x0]
1923. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
1924. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6d20000 LB 0x0009d000 C:\Windows\System32\msvcp_win.dll [fFlags=0x0]
1925. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
1926. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab6f10000 LB 0x00112000 C:\Windows\System32\gdi32full.dll [fFlags=0x0]
1927. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1928. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'gdi32.dll'.
1929. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
1930. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'win32u.dll'.
1931. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\gdi32full.dll)
1932. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\gdi32full.dll
1933. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab7ed0000 LB 0x00029000 C:\Windows\System32\GDI32.dll [fFlags=0x0]
1934. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
1935. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab71a0000 LB 0x001ac000 C:\Windows\System32\USER32.dll [fFlags=0x0]
1936. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [avoiding WinVerifyTrust]
1937. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab7350000 LB 0x00379000 C:\Windows\System32\combase.dll [fFlags=0x0]
1938. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll [avoiding WinVerifyTrust]
1939. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaafe60000 LB 0x00038000 C:\Windows\SYSTEM32\dxcore.dll [fFlags=0x0]
1940. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
1941. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa7a3a0000 LB 0x0002d000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
1942. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume3\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1943. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa79bf0000 LB 0x00101000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
1944. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\opengl32.dll
1945. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab85e0000 LB 0x007b8000 C:\Windows\System32\SHELL32.dll [fFlags=0x0]
1946. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
1947. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab8da0000 LB 0x0019a000 C:\Windows\System32\ole32.dll [fFlags=0x0]
1948. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
1949. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa8c1b0000 LB 0x0001d000 C:\Windows\SYSTEM32\MPR.dll [fFlags=0x0]
1950. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1951. 37b8.37bc: supR3HardenedDllNotificationCallback: load 000000006c830000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1952. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1953. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa6a730000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1954. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1955. 37b8.37bc: supR3HardenedDllNotificationCallback: load 000000006c220000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1956. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1957. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab8500000 LB 0x000d6000 C:\Windows\System32\OLEAUT32.dll [fFlags=0x0]
1958. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
1959. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa604f0000 LB 0x02320000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
1960. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\UICommon.dll
1961. 37b8.37bc: supR3HardenedDllNotificationCallback: load 000000006c1c0000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
1962. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1963. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaafab0000 LB 0x00033000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
1964. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
1965. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa69f70000 LB 0x001c9000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
1966. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1967. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
1968. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
1969. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
1970. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
1971. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
1972. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
1973. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
1974. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
1975. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
1976. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
1977. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1978. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1979. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
1980. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
1981. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
1982. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
1983. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
1984. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
1985. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
1986. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
1987. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
1988. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
1989. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
1990. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1991. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1992. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
1993. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
1994. 37b8.37bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
1995. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1996. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1997. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll [redoing WinVerifyTrust]
1998. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
1999. 37b8.37bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\user32.dll
2000. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2001. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2002. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
2003. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2004. 37b8.37bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\gdi32.dll
2005. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2006. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2007. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
2008. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2009. 37b8.37bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
2010. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2011. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2012. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
2013. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2014. 37b8.37bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
2015. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2016. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2017. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
2018. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2019. 37b8.37bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
2020. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2021. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\kernel32.dll'
2022. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2023. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2024. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2025. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2026. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2027. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2028. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2029. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2030. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2031. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2032. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2033. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2034. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2035. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2036. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2037. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2038. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2039. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2040. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2041. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2042. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2043. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2044. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2045. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2046. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2047. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2048. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2049. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2050. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2051. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2052. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2053. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2054. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2055. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2056. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2057. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2058. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2059. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2060. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2061. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2062. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2063. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2064. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2065. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2066. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
2067. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2068. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-string-l1-1-0'
2069. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2070. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2071. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2072. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2073. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2074. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2075. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2076. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2077. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2078. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2079. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2080. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2081. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2082. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2083. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2084. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2085. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2086. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2087. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2088. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2089. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2090. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2091. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2092. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2093. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2094. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2095. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2096. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2097. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2098. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2099. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2100. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2101. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2102. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2103. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2104. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2105. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2106. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2107. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2108. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2109. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2110. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2111. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2112. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2113. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
2114. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2115. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-datetime-l1-1-1'
2116. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2117. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2118. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2119. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2120. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2121. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2122. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2123. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2124. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2125. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2126. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2127. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2128. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2129. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2130. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2131. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2132. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2133. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2134. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2135. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2136. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2137. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2138. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2139. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2140. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2141. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2142. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2143. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2144. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2145. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2146. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2147. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2148. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2149. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2150. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2151. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2152. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2153. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2154. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2155. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2156. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2157. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2158. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2159. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2160. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
2161. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2162. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-localization-obsolete-l1-2-0'
2163. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2164. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2165. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2166. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2167. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2168. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2169. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2170. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2171. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2172. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2173. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2174. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2175. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2176. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2177. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2178. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2179. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2180. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2181. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2182. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2183. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2184. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2185. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'win32u.dll'.
2186. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\imm32.dll)
2187. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\imm32.dll
2188. 37b8.37bc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000570 (hFile=0000000000000540) with 0xc0000022 -> STATUS_TRUST_FAILURE
2189. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
2190. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
2191. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2192. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2193. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2194. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2195. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2196. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2197. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2198. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2199. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2200. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2201. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2202. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2203. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2204. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2205. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2206. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2207. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2208. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2209. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2210. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2211. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2212. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2213. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [redoing WinVerifyTrust]
2214. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
2215. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\imm32.dll
2216. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2217. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2218. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\win32u.dll [redoing WinVerifyTrust]
2219. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2220. 37b8.37bc: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume3\Windows\System32\win32u.dll
2221. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2222. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab8020000 LB 0x00031000 C:\Windows\System32\IMM32.DLL [fFlags=0x0]
2223. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
2224. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8020000 'C:\Windows\system32\IMM32.DLL'
2225. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
2226. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
2227. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2228. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2229. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2230. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2231. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2232. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2233. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2234. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2235. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2236. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2237. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2238. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2239. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2240. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2241. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2242. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2243. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2244. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2245. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2246. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2247. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2248. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2249. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
2250. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
2251. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2252. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2253. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2254. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2255. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2256. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2257. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2258. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2259. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2260. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2261. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2262. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2263. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2264. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2265. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2266. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2267. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2268. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2269. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2270. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2271. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2272. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2273. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
2274. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2275. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab90e0000 'C:\Windows\System32\ADVAPI32.DLL'
2276. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\imm32.dll'.
2277. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rescheduled]
2278. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'.
2279. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll' [rescheduled]
2280. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'.
2281. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll' [rescheduled]
2282. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume3\Windows\System32\glu32.dll'.
2283. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll' [rescheduled]
2284. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\mpr.dll'.
2285. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll' [rescheduled]
2286. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\shell32.dll'.
2287. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rescheduled]
2288. 37b8.37bc: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2289. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2290. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\win32u.dll'.
2291. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll' [rescheduled]
2292. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'.
2293. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rescheduled]
2294. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\user32.dll'.
2295. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rescheduled]
2296. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'.
2297. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rescheduled]
2298. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\combase.dll'.
2299. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rescheduled]
2300. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa69f70000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
2301. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2302. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2303. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\imm32.dll'
2304. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2305. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2306. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32full.dll'
2307. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2308. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2309. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\DXCore.dll'
2310. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f4 pwszName=\Device\HarddiskVolume3\Windows\System32\glu32.dll
2311. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2312. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2313. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AA7DC3A3EEA8D84E88346437F6D9D5DF9B3C090B
2314. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2315. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2316. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-OpenGL-Package~31bf3856ad364e35~amd64~~10.0.22000.708.cat'; file='\Device\HarddiskVolume3\Windows\System32\glu32.dll'
2317. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2318. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\glu32.dll'
2319. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2320. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2321. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\mpr.dll'
2322. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2323. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2324. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shell32.dll'
2325. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2326. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
2327. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2328. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2329. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\win32u.dll'
2330. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2331. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2332. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\gdi32.dll'
2333. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2334. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2335. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\user32.dll'
2336. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2337. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2338. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll'
2339. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2340. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2341. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\combase.dll'
2342. 37b8.37bc: SUPR3HardenedMain: Calling TrustedMain (00007ffa69f716c0)...
2343. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
2344. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
2345. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\windows.storage.dll)
2346. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\windows.storage.dll
2347. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
2348. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinTypes.dll)
2349. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinTypes.dll
2350. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab46d0000 LB 0x00166000 C:\Windows\SYSTEM32\wintypes.dll [fFlags=0x0]
2351. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
2352. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab4840000 LB 0x00867000 C:\Windows\SYSTEM32\windows.storage.dll [fFlags=0x0]
2353. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\windows.storage.dll [avoiding WinVerifyTrust]
2354. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab8300000 LB 0x000ea000 C:\Windows\System32\SHCORE.dll [fFlags=0x0]
2355. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
2356. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\SHCore.dll)
2357. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\SHCore.dll
2358. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab76d0000 LB 0x0005d000 C:\Windows\System32\shlwapi.dll [fFlags=0x0]
2359. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
2360. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\shlwapi.dll)
2361. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
2362. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2363. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2364. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
2365. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2366. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2367. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
2368. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2369. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2370. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
2371. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2372. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2373. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
2374. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2375. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2376. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
2377. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2378. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2379. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll'
2380. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2381. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2382. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\SHCore.dll'
2383. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2384. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2385. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\WinTypes.dll'
2386. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2387. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2388. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\windows.storage.dll'
2389. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll: Signature #1/2: info status: 24202
2390. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2391. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
2392. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
2393. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2394. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
2395. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
2396. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2397. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
2398. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
2399. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
2400. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
2401. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
2402. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
2403. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2404. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2405. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2406. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2407. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2408. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2409. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2410. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2411. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2412. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2413. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2414. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
2415. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2416. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2417. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
2418. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2419. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2420. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
2421. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2422. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume3\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2423. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
2424. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2425. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume3\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2426. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\imm32.dll
2427. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2428. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2429. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2430. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2431. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
2432. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2433. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2434. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2435. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2436. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa6a600000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
2437. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2438. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6a600000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
2439. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
2440. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'bcryptprimitives.dll'.
2441. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #51 'combase.dll'.
2442. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume3\Windows\System32\rpcss.dll)
2443. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\rpcss.dll
2444. 37b8.37bc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000664 (hFile=000000000000065c) with 0xc0000022 -> STATUS_TRUST_FAILURE
2445. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcrt.dll'.
2446. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll)
2447. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll
2448. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab58f0000 LB 0x00018000 C:\Windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
2449. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
2450. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2451. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2452. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2453. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2454. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
2455. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
2456. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
2457. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\bcryptprimitives.dll
2458. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2459. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2460. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2461. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2462. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\kernel.appcore.dll'
2463. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000061c pwszName=\Device\HarddiskVolume3\Windows\System32\rpcss.dll
2464. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2465. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2466. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6F8588C53CF005F56300DEE3FD5DAA315FCB234C
2467. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2468. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2469. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.22000.795.cat'; file='\Device\HarddiskVolume3\Windows\System32\rpcss.dll'
2470. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2471. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\rpcss.dll'
2472. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000006c0 pwszName=\Device\HarddiskVolume3\Windows\System32\uxtheme.dll
2473. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2474. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2475. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=61274C2BDE408C67C424C4C13D53130AFD0B246D
2476. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rsaenh.dll
2477. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2478. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2479. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2480. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.675.cat'; file='\Device\HarddiskVolume3\Windows\System32\uxtheme.dll'
2481. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2482. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'gdi32.dll'.
2483. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'user32.dll'.
2484. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\uxtheme.dll) WinVerifyTrust
2485. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
2486. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2487. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2488. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2489. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2490. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2491. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
2492. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaaf8e0000 LB 0x000ac000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
2493. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
2494. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaf8e0000 'C:\Windows\system32\uxtheme.dll'
2495. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab71a0000 'C:\Windows\system32\user32.dll'
2496. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
2497. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2498. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
2499. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
2500. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2501. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8300000 'C:\Windows\system32\SHCore.dll'
2502. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2503. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\Windows\system32\wintab32.dll'
2504. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
2505. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2506. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaafab0000 'C:\Windows\system32\winmm.dll'
2507. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winmm.dll
2508. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2509. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaafab0000 'C:\Windows\system32\winmm.dll'
2510. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
2511. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2512. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
2513. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\uxtheme.dll
2514. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2515. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaaf8e0000 'C:\Windows\system32\uxtheme.dll'
2516. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
2517. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2518. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab90e0000 'C:\Windows\system32\advapi32.dll'
2519. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2520. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2521. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
2522. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\userenv.dll) WinVerifyTrust
2523. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\userenv.dll
2524. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2525. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2526. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2527. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
2528. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab5db0000 LB 0x00029000 C:\Windows\system32\userenv.dll [fFlags=0x0]
2529. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\userenv.dll
2530. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5db0000 'C:\Windows\system32\userenv.dll'
2531. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2532. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2533. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\kernel32.dll'
2534. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab70f0000 LB 0x000af000 C:\Windows\System32\clbcatq.dll [fFlags=0x0]
2535. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2536. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
2537. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\clbcatq.dll)
2538. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\clbcatq.dll
2539. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcss.dll
2540. 37b8.37bc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 00000000000004d0 (hFile=0000000000000410) with 0xc0000022 -> STATUS_TRUST_FAILURE
2541. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2542. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2543. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2544. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2545. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2546. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2547. 37b8.5c88: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\clbcatq.dll'
2548. 37b8.5c88: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll: Signature #1/2: info status: 24202
2549. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2550. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2551. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2552. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2553. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2554. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2555. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2556. 37b8.5c88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2557. 37b8.5c88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
2558. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2559. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2560. 37b8.5c88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
2561. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2562. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2563. 37b8.5c88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
2564. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2565. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2566. 37b8.5c88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
2567. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2568. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2569. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2570. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2571. 37b8.5c88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll
2572. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2573. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2574. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2575. 37b8.5c88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
2576. 37b8.5c88: supR3HardenedDllNotificationCallback: load 00007ffa6a140000 LB 0x003c2000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2577. 37b8.5c88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
2578. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6a140000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2579. 37b8.5c88: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll: Signature #1/2: info status: 24202
2580. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2581. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2582. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2583. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2584. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
2585. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2586. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2587. 37b8.5c88: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2588. 37b8.5c88: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
2589. 37b8.5c88: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2590. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2591. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2592. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2593. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2594. 37b8.5c88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
2595. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2596. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2597. 37b8.5c88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
2598. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2599. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2600. 37b8.5c88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
2601. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2602. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2603. 37b8.5c88: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
2604. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2605. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2606. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2607. 37b8.5c88: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2608. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2609. 37b8.5c88: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2610. 37b8.5c88: supR3HardenedDllNotificationCallback: load 00007ffa6a510000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
2611. 37b8.5c88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2612. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6a510000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
2613. 37b8.5c88: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
2614. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2615. 37b8.5c88: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8500000 'C:\Windows\System32\oleaut32.dll'
2616. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007c0 pwszName=\Device\HarddiskVolume3\Windows\System32\DWrite.dll
2617. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2618. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2619. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8AE5D5BE47C4C094784D740DD813A46A9A210B4C
2620. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2621. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2622. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-Graphics-DirectX-Package~31bf3856ad364e35~amd64~~10.0.22000.653.cat'; file='\Device\HarddiskVolume3\Windows\System32\DWrite.dll'
2623. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2624. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2625. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
2626. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DWrite.dll) WinVerifyTrust
2627. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DWrite.dll
2628. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2629. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2630. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2631. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2632. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dwrite.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2633. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DWrite.dll
2634. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa96340000 LB 0x0025f000 C:\Windows\system32\dwrite.dll [fFlags=0x0]
2635. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DWrite.dll
2636. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa96340000 'C:\Windows\system32\dwrite.dll'
2637. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
2638. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2639. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
2640. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab7db0000 LB 0x0011e000 C:\Windows\System32\MSCTF.dll [fFlags=0x0]
2641. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2642. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\msctf.dll)
2643. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\msctf.dll
2644. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2645. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2646. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2647. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2648. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\msctf.dll'
2649. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000009bc pwszName=\Device\HarddiskVolume3\Windows\System32\DataExchange.dll
2650. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2651. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2652. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=101A03863CE4DE896B456ABD0FCE21AF048BCA12
2653. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2654. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2655. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-OneCore-AppRuntime-merged-Package~31bf3856ad364e35~amd64~~10.0.22000.795.cat'; file='\Device\HarddiskVolume3\Windows\System32\DataExchange.dll'
2656. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2657. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'msvcp_win.dll'.
2658. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\DataExchange.dll) WinVerifyTrust
2659. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
2660. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2661. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2662. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcp_win.dll
2663. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2664. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
2665. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa75d20000 LB 0x0005d000 C:\Windows\system32\dataexchange.dll [fFlags=0x0]
2666. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\DataExchange.dll
2667. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa75d20000 'C:\Windows\system32\dataexchange.dll'
2668. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'combase.dll'.
2669. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #42 'msvcp_win.dll'.
2670. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll)
2671. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll
2672. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaa90a0000 LB 0x00266000 C:\Windows\system32\twinapi.appcore.dll [fFlags=0x0]
2673. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
2674. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2675. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2676. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2677. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume3\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2678. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\combase.dll
2679. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2680. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2681. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\twinapi.appcore.dll'
2682. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\SHCore.dll
2683. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2684. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8300000 'C:\Windows\system32\Shcore.dll'
2685. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2686. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
2687. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
2688. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll)
2689. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll
2690. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaa4b90000 LB 0x0012d000 C:\Windows\SYSTEM32\textinputframework.dll [fFlags=0x0]
2691. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
2692. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'msvcp_win.dll'.
2693. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll)
2694. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
2695. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaaf4f0000 LB 0x00132000 C:\Windows\SYSTEM32\CoreMessaging.dll [fFlags=0x0]
2696. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
2697. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2698. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2699. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2700. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2701. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2702. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2703. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
2704. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2705. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2706. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2707. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2708. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll'
2709. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2710. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2711. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\TextInputFramework.dll'
2712. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-security-sddl-l1-1-0.dll) -> 0x0, fPresent=1
2713. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-security-sddl-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2714. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab9040000 'api-ms-win-security-sddl-l1-1-0.dll'
2715. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
2716. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2717. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab71a0000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
2718. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
2719. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2720. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab71a0000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
2721. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2722. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'coremessaging.dll'.
2723. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll)
2724. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll
2725. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaaacc0000 LB 0x0036d000 C:\Windows\SYSTEM32\CoreUIComponents.dll [fFlags=0x0]
2726. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
2727. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
2728. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume3\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
2729. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\CoreMessaging.dll
2730. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2731. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2732. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2733. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2734. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\CoreUIComponents.dll'
2735. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\rpcrt4.dll
2736. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\RPCRT4.dll (Input=RPCRT4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2737. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7760000 'C:\Windows\System32\RPCRT4.dll'
2738. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-security-systemfunctions-l1-1-0) -> 0x0, fPresent=1
2739. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-security-systemfunctions-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2740. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab90e0000 'api-ms-win-security-systemfunctions-l1-1-0'
2741. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msctf.dll
2742. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2743. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7db0000 'C:\Windows\System32\MSCTF.dll'
2744. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
2745. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2746. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
2747. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
2748. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
2749. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2750. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8da0000 'C:\Windows\System32\ole32.dll'
2751. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\oleaut32.dll
2752. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2753. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8500000 'C:\Windows\System32\OLEAUT32.dll'
2754. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ac0 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
2755. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2756. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2757. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=72A7777E2E42F8ED9F54E831EF23DA9E1E18ED1C
2758. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2759. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2760. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.675.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll'
2761. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2762. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2763. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'wbemcomn.dll'.
2764. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2765. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
2766. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2767. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2768. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ac4 pwszName=\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
2769. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2770. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2771. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=45A464176830F0AA8063DB542765DA4B4DCE6F9E
2772. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2773. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2774. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.675.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll'
2775. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2776. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2777. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll) WinVerifyTrust
2778. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
2779. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2780. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2781. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2782. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2783. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\msvcrt.dll
2784. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2785. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
2786. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
2787. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa9ac60000 LB 0x00082000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
2788. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
2789. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaa4db0000 LB 0x00010000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2790. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemprox.dll
2791. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
2792. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2793. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2794. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4db0000 'C:\Windows\system32\wbem\wbemprox.dll'
2795. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ad4 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
2796. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2797. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2798. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3B9E6574CB33BE95DDDFC06987443AD17F741154
2799. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2800. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\crypt32.dll
2801. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2802. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2803. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.675.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll'
2804. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2805. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2806. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2807. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2808. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
2809. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2810. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2811. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2812. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2813. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2814. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
2815. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa9a250000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2816. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\wbemsvc.dll
2817. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa9a250000 'C:\Windows\system32\wbem\wbemsvc.dll'
2818. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
2819. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2820. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-localization-l1-2-0.dll'
2821. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
2822. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2823. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
2824. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ad0 pwszName=\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
2825. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2826. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2827. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C006C9BBF3712859F7F5F20A758C570A45C51802
2828. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2829. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2830. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.22000.675.cat'; file='\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll'
2831. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2832. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2833. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
2834. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2835. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
2836. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2837. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume3\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2838. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbemcomn.dll
2839. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2840. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2841. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2842. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
2843. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa94a40000 LB 0x000fa000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
2844. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wbem\fastprox.dll
2845. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa94a40000 'C:\Windows\system32\wbem\fastprox.dll'
2846. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b18 pwszName=\Device\HarddiskVolume3\Windows\System32\amsi.dll
2847. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
2848. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
2849. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2B275E46A4D44743A2E7B3BD101381367F8671AE
2850. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2851. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2852. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.22000.795.cat'; file='\Device\HarddiskVolume3\Windows\System32\amsi.dll'
2853. 37b8.37bc: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2854. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2855. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
2856. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\amsi.dll) WinVerifyTrust
2857. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\amsi.dll
2858. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2859. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2860. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2861. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2862. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2863. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
2864. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa969d0000 LB 0x00025000 C:\Windows\System32\amsi.dll [fFlags=0x0]
2865. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\amsi.dll
2866. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa969d0000 'C:\Windows\System32\amsi.dll'
2867. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2868. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2869. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
2870. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2871. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
2872. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpOAV.dll) WinVerifyTrust
2873. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpOAV.dll
2874. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2875. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2876. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2877. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2878. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2879. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2880. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpOav.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2881. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpOAV.dll
2882. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa93be0000 LB 0x0007b000 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpOav.dll [fFlags=0x0]
2883. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpOAV.dll
2884. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
2885. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2886. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
2887. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
2888. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2889. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-localization-l1-2-1'
2890. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2891. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2892. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\kernel32.dll'
2893. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
2894. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2895. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\version.dll)
2896. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\version.dll
2897. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2898. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2899. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\version.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2900. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll [avoiding WinVerifyTrust]
2901. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffaacf80000 LB 0x0000a000 C:\Windows\system32\version.dll [fFlags=0x0]
2902. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll [avoiding WinVerifyTrust]
2903. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaacf80000 'C:\Windows\system32\version.dll'
2904. 37b8.37bc: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume3\Windows\System32\version.dll'.
2905. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume3\Windows\System32\version.dll' [rescheduled]
2906. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa93be0000 'C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2205.7-0\MpOav.dll'
2907. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2908. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2909. 37b8.37bc: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\version.dll'
2910. 37b8.37bc: \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll: Owner is administrators group.
2911. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2912. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2913. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'psapi.dll'.
2914. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
2915. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
2916. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2917. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2918. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shlwapi.dll'.
2919. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'shell32.dll'.
2920. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll) WinVerifyTrust
2921. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
2922. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2923. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume3\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2924. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2925. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2926. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shlwapi.dll
2927. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2928. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2929. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2930. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2931. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2932. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2933. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2934. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2935. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
2936. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
2937. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2938. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2939. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\psapi.dll) WinVerifyTrust
2940. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\psapi.dll
2941. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\McAfee\MfeAV\AMSIExt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2942. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
2943. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffab7750000 LB 0x00008000 C:\Windows\System32\PSAPI.DLL [fFlags=0x0]
2944. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\psapi.dll
2945. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa93af0000 LB 0x000ea000 C:\Program Files\McAfee\MfeAV\AMSIExt.dll [fFlags=0x0]
2946. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
2947. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
2948. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2949. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
2950. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
2951. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2952. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-fibers-l1-1-1'
2953. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
2954. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2955. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
2956. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
2957. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2958. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-fibers-l1-1-1'
2959. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
2960. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2961. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-localization-l1-2-1'
2962. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
2963. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2964. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\kernel32.dll'
2965. 37b8.37bc: Error (rc=0):
2966. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: rejecting UNC name '\\?\C:\Windows\System32\version.dll'
2967. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc00000fb
2968. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\version.dll
2969. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\version.dll (Input=version.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2970. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaacf80000 'C:\Windows\System32\version.dll'
2971. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
2972. 37b8.37bc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000bc0 (hFile=0000000000000bbc) with 0xc0000022 -> STATUS_TRUST_FAILURE
2973. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\McAfee\MfeAV\AMSIExt.dll
2974. 37b8.37bc: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000000bc0 (hFile=0000000000000bbc) with 0xc0000022 -> STATUS_TRUST_FAILURE
2975. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa93af0000 'C:\Program Files\McAfee\MfeAV\AMSIExt.dll'
2976. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2977. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2978. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll: Owner is administrators group.
2979. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll: Signature #3/3: VERR_CR_X509_CPV_NO_TRUSTED_PATHS (-23021) w/ timestamp=0x6144da9f/link.
2980. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
2981. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
2982. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'psapi.dll'.
2983. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
2984. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'wintrust.dll'.
2985. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll) WinVerifyTrust
2986. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
2987. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wintrust.dll'...
2988. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'wintrust.dll' -> '\Device\HarddiskVolume3\Windows\System32\wintrust.dll' [rcNtRedir=0xc0150008]
2989. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\wintrust.dll
2990. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2991. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2992. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
2993. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
2994. 37b8.37bc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\psapi.dll
2995. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2996. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
2997. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa9e6f0000 LB 0x0008a000 C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll [fFlags=0x0]
2998. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
2999. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3000. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3001. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
3002. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3003. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3004. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-fibers-l1-1-1'
3005. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3006. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3007. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
3008. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3009. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3010. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-fibers-l1-1-1'
3011. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3012. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3013. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-localization-l1-2-1'
3014. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
3015. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3016. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\kernel32.dll'
3017. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa9e6f0000 'C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll'
3018. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3019. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3020. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
3021. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
3022. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa9e6f0000 'C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll'
3023. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfehida.dll
3024. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3025. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa9e6f0000 'C:\Program Files\Common Files\McAfee\SystemCore\mfehida.dll'
3026. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab90e0000 'C:\Windows\System32\advapi32.dll'
3027. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3028. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3029. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll: Owner is administrators group.
3030. 37b8.37bc: \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll: Signature #3/3: VERR_CR_X509_CPV_NO_TRUSTED_PATHS (-23021) w/ timestamp=0x6144db1a/link.
3031. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3032. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3033. 37b8.37bc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
3034. 37b8.37bc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll) WinVerifyTrust
3035. 37b8.37bc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll
3036. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3037. 37b8.37bc: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3038. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
3039. 37b8.37bc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll
3040. 37b8.37bc: supR3HardenedDllNotificationCallback: load 00007ffa9a000000 LB 0x000be000 C:\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll [fFlags=0x0]
3041. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll
3042. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3043. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3044. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
3045. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3046. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3047. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-fibers-l1-1-1'
3048. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
3049. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3050. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-synch-l1-2-0'
3051. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
3052. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3053. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-fibers-l1-1-1'
3054. 37b8.37bc: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
3055. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3056. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab69a0000 'api-ms-win-core-localization-l1-2-1'
3057. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\kernel32.dll
3058. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3059. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab7880000 'C:\Windows\System32\kernel32.dll'
3060. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa9a000000 'C:\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll'
3061. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll
3062. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3063. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa9a000000 'C:\Program Files\Common Files\McAfee\SystemCore\mfemmsa.dll'
3064. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab90e0000 'C:\Windows\System32\advapi32.dll'
3065. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab90e0000 'C:\Windows\System32\ADVAPI32.dll'
3066. 37b8.480c: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll: Signature #1/2: info status: 24202
3067. 37b8.480c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3068. 37b8.480c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3069. 37b8.480c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3070. 37b8.480c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
3071. 37b8.480c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3072. 37b8.480c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3073. 37b8.480c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3074. 37b8.480c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3075. 37b8.480c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3076. 37b8.480c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3077. 37b8.480c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3078. 37b8.480c: supR3HardenedDllNotificationCallback: load 00007ffa69ab0000 LB 0x0037e000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
3079. 37b8.480c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3080. 37b8.480c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa69ab0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
3081. 37b8.2314: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8da0000 'C:\Windows\system32\ole32.dll'
3082. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8da0000 'C:\Windows\system32\ole32.dll'
3083. 37b8.60c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8da0000 'C:\Windows\system32\ole32.dll'
3084. 37b8.3e14: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8da0000 'C:\Windows\system32\ole32.dll'
3085. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3086. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ca8 pwszName=\Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll
3087. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
3088. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
3089. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=6F8C888F69F54D27A8AFD63EDE4EB670F37A9036
3090. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3091. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3092. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04111~31bf3856ad364e35~amd64~~10.0.22000.708.cat'; file='\Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll'
3093. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3094. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3095. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
3096. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'oleaut32.dll'.
3097. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'ws2_32.dll'.
3098. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'netsetupapi.dll'.
3099. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'setupapi.dll'.
3100. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'devrtl.dll'.
3101. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll) WinVerifyTrust
3102. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll
3103. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devrtl.dll'...
3104. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'devrtl.dll' -> '\Device\HarddiskVolume3\Windows\System32\devrtl.dll' [rcNtRedir=0xc0150008]
3105. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000cc4 pwszName=\Device\HarddiskVolume3\Windows\System32\devrtl.dll
3106. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
3107. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
3108. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=33E077F8355DAA7AD265B0AA861AC4D610180021
3109. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3110. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3111. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.22000.795.cat'; file='\Device\HarddiskVolume3\Windows\System32\devrtl.dll'
3112. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3113. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devrtl.dll) WinVerifyTrust
3114. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devrtl.dll
3115. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3116. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3117. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3118. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3119. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3120. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\setupapi.dll) WinVerifyTrust
3121. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\setupapi.dll
3122. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netsetupapi.dll'...
3123. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'netsetupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\netsetupapi.dll' [rcNtRedir=0xc0150008]
3124. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3125. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3126. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3127. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3128. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3129. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
3130. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\NetSetupApi.dll) WinVerifyTrust
3131. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\NetSetupApi.dll
3132. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3133. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3134. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
3135. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3136. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume3\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3137. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3138. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3139. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3140. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3141. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3142. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3143. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3144. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3145. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupShim.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3146. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll
3147. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll)
3148. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
3149. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupApi.dll
3150. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devrtl.dll
3151. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffab6440000 LB 0x0004c000 C:\Windows\SYSTEM32\cfgmgr32.dll [fFlags=0x0]
3152. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
3153. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffaa6910000 LB 0x00028000 C:\Windows\System32\NetSetupApi.dll [fFlags=0x0]
3154. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupApi.dll
3155. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffab7940000 LB 0x0046c000 C:\Windows\System32\SETUPAPI.dll [fFlags=0x0]
3156. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
3157. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffa96be0000 LB 0x00014000 C:\Windows\System32\DEVRTL.dll [fFlags=0x0]
3158. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devrtl.dll
3159. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffa94430000 LB 0x0007b000 C:\Windows\System32\NetSetupShim.dll [fFlags=0x0]
3160. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupShim.dll
3161. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa94430000 'C:\Windows\System32\NetSetupShim.dll'
3162. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3163. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3164. 37b8.46e4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll'
3165. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3166. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3167. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3168. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
3169. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'nsi.dll'.
3170. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'winnsi.dll'.
3171. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\NetSetupEngine.dll) WinVerifyTrust
3172. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\NetSetupEngine.dll
3173. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
3174. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
3175. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3176. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3177. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\winnsi.dll) WinVerifyTrust
3178. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\winnsi.dll
3179. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3180. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume3\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3181. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3182. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3183. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\nsi.dll) WinVerifyTrust
3184. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\nsi.dll
3185. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3186. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume3\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3187. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3188. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3189. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\NetSetupEngine.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3190. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupEngine.dll
3191. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll
3192. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffab8130000 LB 0x00009000 C:\Windows\System32\NSI.dll [fFlags=0x0]
3193. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\nsi.dll
3194. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffaade20000 LB 0x0000c000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
3195. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\winnsi.dll
3196. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffa69e90000 LB 0x000d3000 C:\Windows\System32\NetSetupEngine.dll [fFlags=0x0]
3197. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\NetSetupEngine.dll
3198. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa69e90000 'C:\Windows\System32\NetSetupEngine.dll'
3199. 37b8.5eec: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll: Signature #1/2: info status: 24202
3200. 37b8.5eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3201. 37b8.5eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3202. 37b8.5eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3203. 37b8.5eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3204. 37b8.5eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3205. 37b8.5eec: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
3206. 37b8.5eec: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
3207. 37b8.5eec: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3208. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3209. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3210. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3211. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3212. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3213. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3214. 37b8.5eec: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3215. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3216. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3217. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3218. 37b8.5eec: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3219. 37b8.5eec: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3220. 37b8.5eec: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3221. 37b8.5eec: supR3HardenedDllNotificationCallback: load 00007ffaac1f0000 LB 0x00010000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
3222. 37b8.5eec: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
3223. 37b8.5eec: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaac1f0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
3224. 37b8.3078: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll: Signature #1/2: info status: 24202
3225. 37b8.3078: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3226. 37b8.3078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3227. 37b8.3078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3228. 37b8.3078: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3229. 37b8.3078: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
3230. 37b8.3078: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3231. 37b8.3078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3232. 37b8.3078: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3233. 37b8.3078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3234. 37b8.3078: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3235. 37b8.3078: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3236. 37b8.3078: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3237. 37b8.3078: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3238. 37b8.3078: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3239. 37b8.3078: supR3HardenedDllNotificationCallback: load 00007ffaa8120000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
3240. 37b8.3078: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
3241. 37b8.3078: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa8120000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
3242. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\Shell32.dll'
3243. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000db0 pwszName=\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
3244. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000001236bc0
3245. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000001236bc0
3246. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8B3A29BB93DC85DF241632350324C9785EA8BDD9
3247. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3248. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3249. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\HyperV-Hypervisor-API-Package~31bf3856ad364e35~amd64~~10.0.22000.71.cat'; file='\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll'
3250. 37b8.46e4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3251. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vid.dll'.
3252. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'devobj.dll'.
3253. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll) WinVerifyTrust
3254. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
3255. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
3256. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume3\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
3257. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3258. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3259. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'cfgmgr32.dll'.
3260. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\devobj.dll) WinVerifyTrust
3261. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\devobj.dll
3262. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vid.dll'...
3263. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vid.dll' -> '\Device\HarddiskVolume3\Windows\System32\vid.dll' [rcNtRedir=0xc0150008]
3264. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3265. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3266. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\cfgmgr32.dll
3267. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3268. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3269. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\vid.dll) WinVerifyTrust
3270. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\vid.dll
3271. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\WinHvPlatform.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3272. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
3273. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
3274. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
3275. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffa70970000 LB 0x0002d000 C:\Windows\SYSTEM32\vid.dll [fFlags=0x0]
3276. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
3277. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffab6410000 LB 0x0002c000 C:\Windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
3278. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\devobj.dll
3279. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffa69a60000 LB 0x00046000 C:\Windows\system32\WinHvPlatform.dll [fFlags=0x0]
3280. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\WinHvPlatform.dll
3281. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa69a60000 'C:\Windows\system32\WinHvPlatform.dll'
3282. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\vid.dll
3283. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\vid.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3284. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa70970000 'C:\Windows\system32\vid.dll'
3285. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3286. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3287. 37b8.46e4: '\Device\HarddiskVolume3\Windows\System32\ntdll.dll' has no imports
3288. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\ntdll.dll) WinVerifyTrust
3289. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\ntdll.dll
3290. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\NTDLL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3291. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab9260000 'C:\Windows\system32\NTDLL.DLL'
3292. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3293. 37b8.46e4: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll: Signature #1/2: info status: 24202
3294. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3295. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3296. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3297. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3298. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
3299. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
3300. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
3301. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
3302. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
3303. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
3304. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
3305. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
3306. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
3307. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
3308. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
3309. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3310. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3311. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
3312. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
3313. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
3314. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
3315. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3316. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume3\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3317. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ws2_32.dll
3318. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3319. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3320. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
3321. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3322. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3323. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\user32.dll
3324. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
3325. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
3326. 37b8.46e4: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll: Signature #1/2: info status: 24202
3327. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3328. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3329. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3330. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
3331. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3332. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
3333. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
3334. 37b8.46e4: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll: Signature #1/2: info status: 24202
3335. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3336. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3337. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3338. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3339. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll
3340. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3341. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3342. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
3343. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
3344. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
3345. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
3346. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
3347. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3348. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3349. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3350. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3351. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3352. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3353. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3354. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3355. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
3356. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume3\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
3357. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\advapi32.dll
3358. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
3359. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume3\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
3360. 37b8.46e4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\setupapi.dll
3361. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
3362. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume3\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3363. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3364. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3365. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3366. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3367. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3368. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
3369. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3370. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3371. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
3372. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffa73090000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
3373. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3374. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffa68e90000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
3375. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3376. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffab5420000 LB 0x0002d000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
3377. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\IPHLPAPI.DLL
3378. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffa65040000 LB 0x00a04000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
3379. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD.dll
3380. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa65040000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
3381. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3382. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxC.dll
3383. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3384. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa6a140000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
3385. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3386. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3387. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3388. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa68e90000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
3389. 37b8.820: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll: Signature #1/2: info status: 24202
3390. 37b8.820: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3391. 37b8.820: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3392. 37b8.820: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3393. 37b8.820: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3394. 37b8.820: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
3395. 37b8.820: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3396. 37b8.820: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3397. 37b8.820: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3398. 37b8.820: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3399. 37b8.820: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3400. 37b8.820: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3401. 37b8.820: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3402. 37b8.820: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3403. 37b8.820: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3404. 37b8.820: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3405. 37b8.820: supR3HardenedDllNotificationCallback: load 00007ffaa7f30000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
3406. 37b8.820: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3407. 37b8.820: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa7f30000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
3408. 37b8.25cc: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll: Signature #1/2: info status: 24202
3409. 37b8.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3410. 37b8.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3411. 37b8.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3412. 37b8.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3413. 37b8.25cc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3414. 37b8.25cc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
3415. 37b8.25cc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3416. 37b8.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3417. 37b8.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3418. 37b8.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3419. 37b8.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3420. 37b8.25cc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3421. 37b8.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3422. 37b8.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3423. 37b8.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3424. 37b8.25cc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3425. 37b8.25cc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3426. 37b8.25cc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3427. 37b8.25cc: supR3HardenedDllNotificationCallback: load 00007ffaa6a00000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
3428. 37b8.25cc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3429. 37b8.25cc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa6a00000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
3430. 37b8.3188: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll: Signature #1/2: info status: 24202
3431. 37b8.3188: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3432. 37b8.3188: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3433. 37b8.3188: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3434. 37b8.3188: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3435. 37b8.3188: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
3436. 37b8.3188: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3437. 37b8.3188: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3438. 37b8.3188: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3439. 37b8.3188: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3440. 37b8.3188: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3441. 37b8.3188: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3442. 37b8.3188: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3443. 37b8.3188: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3444. 37b8.3188: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3445. 37b8.3188: supR3HardenedDllNotificationCallback: load 00007ffaa4cd0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
3446. 37b8.3188: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3447. 37b8.3188: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa4cd0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
3448. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3449. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab5850000 'C:\Windows\system32\rsaenh.dll'
3450. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab6740000 'C:\Windows\System32\crypt32.dll'
3451. 37b8.46e4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3452. 37b8.46e4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll) WinVerifyTrust
3453. 37b8.46e4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
3454. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3455. 37b8.46e4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume3\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3456. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3457. 37b8.46e4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
3458. 37b8.46e4: supR3HardenedDllNotificationCallback: load 00007ffaa96b0000 LB 0x0009c000 C:\Windows\System32\MMDevApi.dll [fFlags=0x0]
3459. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
3460. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa96b0000 'C:\Windows\System32\MMDevApi.dll'
3461. 37b8.46e4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\MMDevAPI.dll
3462. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3463. 37b8.46e4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffaa96b0000 'C:\Windows\System32\MMDEVAPI.DLL'
3464. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3465. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3466. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3467. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3468. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\shell32.dll
3469. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3470. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3471. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3472. 37b8.37bc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume3\Windows\System32\ole32.dll
3473. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
3474. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab8da0000 'C:\Windows\system32\ole32.dll'
3475. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3476. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3477. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3478. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3479. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3480. 37b8.37bc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffab85e0000 'C:\Windows\system32\shell32.dll'
3481. 37b8.3188: supR3HardenedDllNotificationCallback: Unload 00007ffaa4cd0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [flags=0x0]
3482. 37b8.25cc: supR3HardenedDllNotificationCallback: Unload 00007ffaa6a00000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [flags=0x0]
3483. 37b8.820: supR3HardenedDllNotificationCallback: Unload 00007ffaa7f30000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [flags=0x0]
3484. 37b8.3078: supR3HardenedDllNotificationCallback: Unload 00007ffaa8120000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [flags=0x0]
3485. 37b8.5eec: supR3HardenedDllNotificationCallback: Unload 00007ffaac1f0000 LB 0x00010000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [flags=0x0]
3486. 37b8.46e4: supR3HardenedDllNotificationCallback: Unload 00007ffa65040000 LB 0x00a04000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [flags=0x0]
3487. 37b8.46e4: supR3HardenedDllNotificationCallback: Unload 00007ffa73090000 LB 0x00066000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [flags=0x0]
3488. 37b8.46e4: supR3HardenedDllNotificationCallback: Unload 00007ffa68e90000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [flags=0x0]
3489. 37b8.46e4: supR3HardenedDllNotificationCallback: Unload 00007ffab5420000 LB 0x0002d000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [flags=0x0]
3490. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffa6a510000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [flags=0x0]
3491. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffa9a250000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [flags=0x0]
3492. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffaa4db0000 LB 0x00010000 C:\Windows\system32\wbem\wbemprox.dll [flags=0x0]
3493. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffa75d20000 LB 0x0005d000 C:\Windows\system32\dataexchange.dll [flags=0x0]
3494. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffaa90a0000 LB 0x00266000 C:\Windows\system32\twinapi.appcore.dll [flags=0x0]
3495. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffa6a140000 LB 0x003c2000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [flags=0x0]
3496. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffa94430000 LB 0x0007b000 C:\Windows\System32\NetSetupShim.dll [flags=0x0]
3497. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffaa6910000 LB 0x00028000 C:\Windows\System32\NetSetupApi.dll [flags=0x0]
3498. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffab7940000 LB 0x0046c000 C:\Windows\System32\SETUPAPI.dll [flags=0x0]
3499. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffa96be0000 LB 0x00014000 C:\Windows\System32\DEVRTL.dll [flags=0x0]
3500. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffa94a40000 LB 0x000fa000 C:\Windows\system32\wbem\fastprox.dll [flags=0x0]
3501. 37b8.37bc: supR3HardenedDllNotificationCallback: Unload 00007ffa9ac60000 LB 0x00082000 C:\Windows\SYSTEM32\wbemcomn.dll [flags=0x0]
3502. 37b8.37bc: Terminating the normal way: rcExit=0
3503. 5f00.18e0: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 33615 ms, the end);
3504. 48e4.5aec: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x0 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 34298 ms, the end);
3505.