2e14.3218: Log file opened: 6.1.2r135662 g_hStartupLog=0000000000000078 g_uNtVer

1. 2e14.3218: Log file opened: 6.1.2r135662 g_hStartupLog=0000000000000078 g_uNtVerCombined=0xa047ba00
2. 2e14.3218: \SystemRoot\System32\ntdll.dll:
3. 2e14.3218: CreationTime: 2019-10-09T10:35:45.073760000Z
4. 2e14.3218: LastWriteTime: 2019-10-09T10:35:45.211652700Z
5. 2e14.3218: ChangeTime: 2020-01-16T11:45:03.158089500Z
6. 2e14.3218: FileAttributes: 0x20
7. 2e14.3218: Size: 0x1e8528
8. 2e14.3218: NT Headers: 0xd8
9. 2e14.3218: Timestamp: 0x99ca0526
10. 2e14.3218: Machine: 0x8664 - amd64
11. 2e14.3218: Timestamp: 0x99ca0526
12. 2e14.3218: Image Version: 10.0
13. 2e14.3218: SizeOfImage: 0x1f0000 (2031616)
14. 2e14.3218: Resource Dir: 0x17f000 LB 0x6f310
15. 2e14.3218: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16. 2e14.3218: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17. 2e14.3218: ProductName: Microsoft® Windows® Operating System
18. 2e14.3218: ProductVersion: 10.0.18362.418
19. 2e14.3218: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
20. 2e14.3218: FileDescription: NT Layer DLL
21. 2e14.3218: \SystemRoot\System32\kernel32.dll:
22. 2e14.3218: CreationTime: 2019-09-02T14:07:38.017663300Z
23. 2e14.3218: LastWriteTime: 2019-09-02T14:07:38.233537200Z
24. 2e14.3218: ChangeTime: 2020-01-16T11:45:02.930080600Z
25. 2e14.3218: FileAttributes: 0x20
26. 2e14.3218: Size: 0xb0570
27. 2e14.3218: NT Headers: 0xe8
28. 2e14.3218: Timestamp: 0xd0cecc10
29. 2e14.3218: Machine: 0x8664 - amd64
30. 2e14.3218: Timestamp: 0xd0cecc10
31. 2e14.3218: Image Version: 10.0
32. 2e14.3218: SizeOfImage: 0xb2000 (729088)
33. 2e14.3218: Resource Dir: 0xb0000 LB 0x520
34. 2e14.3218: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35. 2e14.3218: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36. 2e14.3218: ProductName: Microsoft® Windows® Operating System
37. 2e14.3218: ProductVersion: 10.0.18362.329
38. 2e14.3218: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
39. 2e14.3218: FileDescription: Windows NT BASE API Client DLL
40. 2e14.3218: \SystemRoot\System32\KernelBase.dll:
41. 2e14.3218: CreationTime: 2019-12-12T10:00:55.556995800Z
42. 2e14.3218: LastWriteTime: 2019-12-12T10:00:55.674538800Z
43. 2e14.3218: ChangeTime: 2020-01-16T11:45:03.136102700Z
44. 2e14.3218: FileAttributes: 0x20
45. 2e14.3218: Size: 0x2a2638
46. 2e14.3218: NT Headers: 0xf0
47. 2e14.3218: Timestamp: 0x50cc8d5a
48. 2e14.3218: Machine: 0x8664 - amd64
49. 2e14.3218: Timestamp: 0x50cc8d5a
50. 2e14.3218: Image Version: 10.0
51. 2e14.3218: SizeOfImage: 0x2a3000 (2764800)
52. 2e14.3218: Resource Dir: 0x27d000 LB 0x548
53. 2e14.3218: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54. 2e14.3218: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
55. 2e14.3218: ProductName: Microsoft® Windows® Operating System
56. 2e14.3218: ProductVersion: 10.0.18362.535
57. 2e14.3218: FileVersion: 10.0.18362.535 (WinBuild.160101.0800)
58. 2e14.3218: FileDescription: Windows NT BASE API Client DLL
59. 2e14.3218: \SystemRoot\System32\apisetschema.dll:
60. 2e14.3218: CreationTime: 2019-03-19T04:43:54.837151500Z
61. 2e14.3218: LastWriteTime: 2019-03-19T04:43:54.837151500Z
62. 2e14.3218: ChangeTime: 2020-01-16T11:45:02.918087300Z
63. 2e14.3218: FileAttributes: 0x20
64. 2e14.3218: Size: 0x1d028
65. 2e14.3218: NT Headers: 0xc8
66. 2e14.3218: Timestamp: 0xd6ced080
67. 2e14.3218: Machine: 0x8664 - amd64
68. 2e14.3218: Timestamp: 0xd6ced080
69. 2e14.3218: Image Version: 10.0
70. 2e14.3218: SizeOfImage: 0x1e000 (122880)
71. 2e14.3218: Resource Dir: 0x1d000 LB 0x408
72. 2e14.3218: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73. 2e14.3218: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
74. 2e14.3218: ProductName: Microsoft® Windows® Operating System
75. 2e14.3218: ProductVersion: 10.0.18362.1
76. 2e14.3218: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
77. 2e14.3218: FileDescription: ApiSet Schema DLL
78. 2e14.3218: NtOpenDirectoryObject failed on \Driver: 0xc0000022
79. 2e14.3218: supR3HardenedWinFindAdversaries: 0x40
80. 2e14.3218: \SystemRoot\System32\drivers\klflt.sys:
81. 2e14.3218: CreationTime: 2019-07-22T06:54:52.660458100Z
82. 2e14.3218: LastWriteTime: 2019-10-29T07:33:50.630658400Z
83. 2e14.3218: ChangeTime: 2019-10-29T07:33:50.630658400Z
84. 2e14.3218: FileAttributes: 0x20
85. 2e14.3218: Size: 0x3d678
86. 2e14.3218: NT Headers: 0x100
87. 2e14.3218: Timestamp: 0xddaa7cbc
88. 2e14.3218: Machine: 0x8664 - amd64
89. 2e14.3218: Timestamp: 0xddaa7cbc
90. 2e14.3218: Image Version: 6.1
91. 2e14.3218: SizeOfImage: 0x4a000 (303104)
92. 2e14.3218: Resource Dir: 0x47000 LB 0x418
93. 2e14.3218: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
94. 2e14.3218: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
95. 2e14.3218: ProductName: Coretech Delivery
96. 2e14.3218: ProductVersion: 30.112.90.0
97. 2e14.3218: FileVersion: 30.112.90.0
98. 2e14.3218: FileDescription: Filter Core [fre_win7_amd64]
99. 2e14.3218: \SystemRoot\System32\drivers\klif.sys:
100. 2e14.3218: CreationTime: 2019-07-22T06:54:52.686498000Z
101. 2e14.3218: LastWriteTime: 2019-10-29T07:33:50.838128800Z
102. 2e14.3218: ChangeTime: 2019-10-29T07:33:50.838128800Z
103. 2e14.3218: FileAttributes: 0x20
104. 2e14.3218: Size: 0xf3a80
105. 2e14.3218: NT Headers: 0xf8
106. 2e14.3218: Timestamp: 0x5da6282c
107. 2e14.3218: Machine: 0x8664 - amd64
108. 2e14.3218: Timestamp: 0x5da6282c
109. 2e14.3218: Image Version: 6.1
110. 2e14.3218: SizeOfImage: 0xf4000 (999424)
111. 2e14.3218: Resource Dir: 0xeb000 LB 0x33f8
112. 2e14.3218: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
113. 2e14.3218: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
114. 2e14.3218: ProductName: Coretech Delivery
115. 2e14.3218: ProductVersion: 30.112.90.0
116. 2e14.3218: FileVersion: 30.112.90.0
117. 2e14.3218: FileDescription: Core System Interceptors [fre_win7_amd64]
118. 2e14.3218: \SystemRoot\System32\drivers\klim6.sys:
119. 2e14.3218: CreationTime: 2019-03-19T02:21:06.000000000Z
120. 2e14.3218: LastWriteTime: 2019-03-19T02:21:06.000000000Z
121. 2e14.3218: ChangeTime: 2019-08-31T05:56:13.521866900Z
122. 2e14.3218: FileAttributes: 0x20
123. 2e14.3218: Size: 0xe350
124. 2e14.3218: NT Headers: 0xe0
125. 2e14.3218: Timestamp: 0x54ad405e
126. 2e14.3218: Machine: 0x8664 - amd64
127. 2e14.3218: Timestamp: 0x54ad405e
128. 2e14.3218: Image Version: 6.1
129. 2e14.3218: SizeOfImage: 0xb000 (45056)
130. 2e14.3218: Resource Dir: 0x9000 LB 0x430
131. 2e14.3218: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
132. 2e14.3218: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
133. 2e14.3218: ProductName: Coretech Delivery
134. 2e14.3218: ProductVersion: 30.0.3724.0
135. 2e14.3218: FileVersion: 30.0.3724.0
136. 2e14.3218: FileDescription: Packet Network Filter [fre_win7_amd64]
137. 2e14.3218: \SystemRoot\System32\drivers\klkbdflt.sys:
138. 2e14.3218: CreationTime: 2018-01-15T00:13:30.000000000Z
139. 2e14.3218: LastWriteTime: 2019-03-17T21:11:30.000000000Z
140. 2e14.3218: ChangeTime: 2019-08-31T05:56:11.197261800Z
141. 2e14.3218: FileAttributes: 0x20
142. 2e14.3218: Size: 0x13550
143. 2e14.3218: NT Headers: 0xf8
144. 2e14.3218: Timestamp: 0x79cc11d7
145. 2e14.3218: Machine: 0x8664 - amd64
146. 2e14.3218: Timestamp: 0x79cc11d7
147. 2e14.3218: Image Version: 6.1
148. 2e14.3218: SizeOfImage: 0x12000 (73728)
149. 2e14.3218: Resource Dir: 0x10000 LB 0x438
150. 2e14.3218: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
151. 2e14.3218: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
152. 2e14.3218: ProductName: Coretech Delivery
153. 2e14.3218: ProductVersion: 30.0.3716.0
154. 2e14.3218: FileVersion: 30.0.3716.0
155. 2e14.3218: FileDescription: Keyboard Device Filter [fre_win7_amd64]
156. 2e14.3218: \SystemRoot\System32\drivers\klmouflt.sys:
157. 2e14.3218: CreationTime: 2017-12-11T06:49:16.000000000Z
158. 2e14.3218: LastWriteTime: 2019-03-17T20:50:34.000000000Z
159. 2e14.3218: ChangeTime: 2019-08-31T05:56:10.241103400Z
160. 2e14.3218: FileAttributes: 0x20
161. 2e14.3218: Size: 0xe878
162. 2e14.3218: NT Headers: 0xe8
163. 2e14.3218: Timestamp: 0xab7b625
164. 2e14.3218: Machine: 0x8664 - amd64
165. 2e14.3218: Timestamp: 0xab7b625
166. 2e14.3218: Image Version: 6.1
167. 2e14.3218: SizeOfImage: 0xe000 (57344)
168. 2e14.3218: Resource Dir: 0xc000 LB 0x430
169. 2e14.3218: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
170. 2e14.3218: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
171. 2e14.3218: ProductName: Coretech Delivery
172. 2e14.3218: ProductVersion: 30.0.3716.0
173. 2e14.3218: FileVersion: 30.0.3716.0
174. 2e14.3218: FileDescription: Mouse Device Filter [fre_win7_amd64]
175. 2e14.3218: \SystemRoot\System32\drivers\kneps.sys:
176. 2e14.3218: CreationTime: 2018-02-24T00:17:48.000000000Z
177. 2e14.3218: LastWriteTime: 2019-03-18T21:31:38.000000000Z
178. 2e14.3218: ChangeTime: 2019-08-31T05:56:06.776585600Z
179. 2e14.3218: FileAttributes: 0x20
180. 2e14.3218: Size: 0x38b50
181. 2e14.3218: NT Headers: 0x108
182. 2e14.3218: Timestamp: 0x7aa255dc
183. 2e14.3218: Machine: 0x8664 - amd64
184. 2e14.3218: Timestamp: 0x7aa255dc
185. 2e14.3218: Image Version: 6.1
186. 2e14.3218: SizeOfImage: 0x38000 (229376)
187. 2e14.3218: Resource Dir: 0x35000 LB 0x428
188. 2e14.3218: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
189. 2e14.3218: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
190. 2e14.3218: ProductName: Coretech Delivery
191. 2e14.3218: ProductVersion: 30.0.3731.0
192. 2e14.3218: FileVersion: 30.0.3731.0
193. 2e14.3218: FileDescription: Network Processor [fre_win7_amd64]
194. 2e14.3218: \SystemRoot\System32\klfphc.dll:
195. 2e14.3218: CreationTime: 2019-07-22T06:55:47.572363700Z
196. 2e14.3218: LastWriteTime: 2013-05-06T03:13:26.000000000Z
197. 2e14.3218: ChangeTime: 2019-08-31T05:55:17.301860700Z
198. 2e14.3218: FileAttributes: 0x20
199. 2e14.3218: Size: 0x1ae60
200. 2e14.3218: NT Headers: 0xe8
201. 2e14.3218: Timestamp: 0x51873bf2
202. 2e14.3218: Machine: 0x8664 - amd64
203. 2e14.3218: Timestamp: 0x51873bf2
204. 2e14.3218: Image Version: 0.0
205. 2e14.3218: SizeOfImage: 0x1d000 (118784)
206. 2e14.3218: Resource Dir: 0x18000 LB 0x3c80
207. 2e14.3218: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
208. 2e14.3218: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
209. 2e14.3218: ProductName: Kaspersky™ Anti-Virus ®
210. 2e14.3218: ProductVersion: 1.0.0.12
211. 2e14.3218: FileVersion: 1.0.0.12
212. 2e14.3218: FileDescription: Filtering Platform Helper Class
213. 2e14.3218: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
214. 2e14.3218: Calling main()
215. 2e14.3218: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
216. 2e14.3218: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
217. 2e14.3218: SUPR3HardenedMain: Respawn #1
218. 2e14.3218: System32: \Device\HarddiskVolume8\Windows\System32
219. 2e14.3218: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
220. 2e14.3218: KnownDllPath: C:\WINDOWS\System32
221. 2e14.3218: supR3HardenedWinInit: Performing a limited self purification...
222. 2e14.3218: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
223. 2e14.3218: *0000000000000000-0000000000b9ffff 0x0001/0x0000 0x0000000
224. 2e14.3218: *0000000000ba0000-0000000000baffff 0x0004/0x0004 0x0040000
225. 2e14.3218: 0000000000bb0000-0000000000bbffff 0x0001/0x0000 0x0000000
226. 2e14.3218: *0000000000bc0000-0000000000bdafff 0x0002/0x0002 0x0040000
227. 2e14.3218: 0000000000bdb000-0000000000bdffff 0x0001/0x0000 0x0000000
228. 2e14.3218: *0000000000be0000-0000000000be3fff 0x0002/0x0002 0x0040000
229. 2e14.3218: 0000000000be4000-0000000000beffff 0x0001/0x0000 0x0000000
230. 2e14.3218: *0000000000bf0000-0000000000bf1fff 0x0004/0x0004 0x0020000
231. 2e14.3218: 0000000000bf2000-0000000000bfffff 0x0001/0x0000 0x0000000
232. 2e14.3218: *0000000000c00000-0000000000dd5fff 0x0000/0x0004 0x0020000
233. 2e14.3218: 0000000000dd6000-0000000000dd8fff 0x0004/0x0004 0x0020000
234. 2e14.3218: 0000000000dd9000-0000000000dfffff 0x0000/0x0004 0x0020000
235. 2e14.3218: *0000000000e00000-0000000000eb0fff 0x0000/0x0004 0x0020000
236. 2e14.3218: 0000000000eb1000-0000000000eb3fff 0x0104/0x0004 0x0020000
237. 2e14.3218: 0000000000eb4000-0000000000efffff 0x0004/0x0004 0x0020000
238. 2e14.3218: *0000000000f00000-0000000000fc6fff 0x0002/0x0002 0x0040000
239. 2e14.3218: 0000000000fc7000-0000000000fcffff 0x0001/0x0000 0x0000000
240. 2e14.3218: *0000000000fd0000-0000000000fd1fff 0x0004/0x0004 0x0020000
241. 2e14.3218: 0000000000fd2000-0000000000fe9fff 0x0000/0x0004 0x0020000
242. 2e14.3218: 0000000000fea000-000000000102ffff 0x0001/0x0000 0x0000000
243. 2e14.3218: *0000000001030000-0000000001034fff 0x0004/0x0004 0x0020000
244. 2e14.3218: 0000000001035000-000000000112ffff 0x0000/0x0004 0x0020000
245. 2e14.3218: *0000000001130000-000000000114cfff 0x0004/0x0004 0x0020000
246. 2e14.3218: 000000000114d000-000000000122ffff 0x0000/0x0004 0x0020000
247. 2e14.3218: 0000000001230000-00000000012cffff 0x0001/0x0000 0x0000000
248. 2e14.3218: *00000000012d0000-00000000012defff 0x0004/0x0004 0x0020000
249. 2e14.3218: 00000000012df000-00000000012dffff 0x0000/0x0004 0x0020000
250. 2e14.3218: *00000000012e0000-00000000012edfff 0x0000/0x0004 0x0020000
251. 2e14.3218: 00000000012ee000-00000000014defff 0x0004/0x0004 0x0020000
252. 2e14.3218: 00000000014df000-00000000014dffff 0x0000/0x0004 0x0020000
253. 2e14.3218: 00000000014e0000-000000007ffdffff 0x0001/0x0000 0x0000000
254. 2e14.3218: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
255. 2e14.3218: 000000007ffe1000-000000007ffe3fff 0x0001/0x0000 0x0000000
256. 2e14.3218: *000000007ffe4000-000000007ffe4fff 0x0002/0x0002 0x0020000
257. 2e14.3218: 000000007ffe5000-00007ff43694ffff 0x0001/0x0000 0x0000000
258. 2e14.3218: *00007ff436950000-00007ff436954fff 0x0002/0x0002 0x0040000
259. 2e14.3218: 00007ff436955000-00007ff436a4ffff 0x0000/0x0002 0x0040000
260. 2e14.3218: *00007ff436a50000-00007ff536a6ffff 0x0000/0x0004 0x0020000
261. 2e14.3218: *00007ff536a70000-00007ff538a6ffff 0x0000/0x0004 0x0020000
262. 2e14.3218: 00007ff538a70000-00007ff538a70fff 0x0004/0x0004 0x0020000
263. 2e14.3218: 00007ff538a71000-00007ff538a7ffff 0x0001/0x0000 0x0000000
264. 2e14.3218: *00007ff538a80000-00007ff538a80fff 0x0002/0x0002 0x0040000
265. 2e14.3218: 00007ff538a81000-00007ff538a8ffff 0x0001/0x0000 0x0000000
266. 2e14.3218: *00007ff538a90000-00007ff538ab2fff 0x0002/0x0002 0x0040000
267. 2e14.3218: 00007ff538ab3000-00007ff621a4ffff 0x0001/0x0000 0x0000000
268. 2e14.3218: *00007ff621a50000-00007ff621a50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
269. 2e14.3218: 00007ff621a51000-00007ff621ac6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
270. 2e14.3218: 00007ff621ac7000-00007ff621ac7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
271. 2e14.3218: 00007ff621ac8000-00007ff621b0ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
272. 2e14.3218: 00007ff621b10000-00007ff621b12fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
273. 2e14.3218: 00007ff621b13000-00007ff621b15fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
274. 2e14.3218: 00007ff621b16000-00007ff621b18fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
275. 2e14.3218: 00007ff621b19000-00007ff621b19fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
276. 2e14.3218: 00007ff621b1a000-00007ff621b1bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
277. 2e14.3218: 00007ff621b1c000-00007ff621b1cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
278. 2e14.3218: 00007ff621b1d000-00007ff621b65fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
279. 2e14.3218: 00007ff621b66000-00007ff97abcffff 0x0001/0x0000 0x0000000
280. 2e14.3218: *00007ff97abd0000-00007ff97abd0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
281. 2e14.3218: 00007ff97abd1000-00007ff97acd5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
282. 2e14.3218: 00007ff97acd6000-00007ff97ae37fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
283. 2e14.3218: 00007ff97ae38000-00007ff97ae3bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
284. 2e14.3218: 00007ff97ae3c000-00007ff97ae3cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
285. 2e14.3218: 00007ff97ae3d000-00007ff97ae72fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
286. 2e14.3218: 00007ff97ae73000-00007ff97c75ffff 0x0001/0x0000 0x0000000
287. 2e14.3218: *00007ff97c760000-00007ff97c760fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
288. 2e14.3218: 00007ff97c761000-00007ff97c7d5fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
289. 2e14.3218: 00007ff97c7d6000-00007ff97c807fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
290. 2e14.3218: 00007ff97c808000-00007ff97c808fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
291. 2e14.3218: 00007ff97c809000-00007ff97c809fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
292. 2e14.3218: 00007ff97c80a000-00007ff97c811fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\kernel32.dll
293. 2e14.3218: 00007ff97c812000-00007ff97da9ffff 0x0001/0x0000 0x0000000
294. 2e14.3218: *00007ff97daa0000-00007ff97daa0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
295. 2e14.3218: 00007ff97daa1000-00007ff97dbb7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
296. 2e14.3218: 00007ff97dbb8000-00007ff97dbfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
297. 2e14.3218: 00007ff97dbff000-00007ff97dbfffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
298. 2e14.3218: 00007ff97dc00000-00007ff97dc01fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
299. 2e14.3218: 00007ff97dc02000-00007ff97dc0afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
300. 2e14.3218: 00007ff97dc0b000-00007ff97dc8ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
301. 2e14.3218: 00007ff97dc90000-00007ffffffeffff 0x0001/0x0000 0x0000000
302. 2e14.3218: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
303. 2e14.3218: kernelbase.dll: timestamp 0x50cc8d5a (rc=VINF_SUCCESS)
304. 2e14.3218: VirtualBoxVM.exe: timestamp 0x5e1f1d0f (rc=VINF_SUCCESS)
305. 2e14.3218: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
306. 2e14.3218: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
307. 2e14.3218: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
308. 2e14.3218: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
309. 2e14.3218: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
310. 2e14.3218: supR3HardNtEnableThreadCreationEx:
311. 2e14.3218: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff97db117f0 pvNtTerminateThread=00007ff97db3cb10
312. 2e14.3218: supR3HardenedWinDoReSpawn(1): New child 5c8.7c4 [kernel32].
313. 2e14.3218: supR3HardNtChildGatherData: PebBaseAddress=0000000000a0f000 cbPeb=0x388
314. 2e14.3218: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff97daa0000 uNtDllChildAddr=00007ff97daa0000
315. 2e14.3218: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff97db117f0
316. 2e14.3218: supR3HardenedWinSetupChildInit: Initial context:
317. rax=0000000000000000 rbx=0000000000000000 rcx=00007ff621a57900 rdx=0000000000a0f000
318. rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
319. r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
320. r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
321. rip=00007ff97db0ceb0 rsp=0000000000cffdd8 rbp=0000000000000000 ctxflags=0010001b
322. cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
323. P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
324. dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
325. dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
326. lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
327. 2e14.3218: supR3HardenedWinSetupChildInit: Start child.
328. 2e14.3218: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
329. 2e14.3218: supR3HardNtChildPurify: Startup delay kludge #1/0: 519 ms, 60 sleeps
330. 2e14.3218: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
331. 2e14.3218: *0000000000000000-000000000092ffff 0x0001/0x0000 0x0000000
332. 2e14.3218: *0000000000930000-000000000094ffff 0x0004/0x0004 0x0020000
333. 2e14.3218: *0000000000950000-000000000096afff 0x0002/0x0002 0x0040000
334. 2e14.3218: 000000000096b000-000000000096ffff 0x0001/0x0000 0x0000000
335. 2e14.3218: *0000000000970000-0000000000973fff 0x0002/0x0002 0x0040000
336. 2e14.3218: 0000000000974000-000000000097ffff 0x0001/0x0000 0x0000000
337. 2e14.3218: *0000000000980000-0000000000981fff 0x0004/0x0004 0x0020000
338. 2e14.3218: 0000000000982000-00000000009fffff 0x0001/0x0000 0x0000000
339. 2e14.3218: *0000000000a00000-0000000000a0efff 0x0000/0x0004 0x0020000
340. 2e14.3218: 0000000000a0f000-0000000000a11fff 0x0004/0x0004 0x0020000
341. 2e14.3218: 0000000000a12000-0000000000bfffff 0x0000/0x0004 0x0020000
342. 2e14.3218: *0000000000c00000-0000000000cfafff 0x0000/0x0004 0x0020000
343. 2e14.3218: 0000000000cfb000-0000000000cfdfff 0x0104/0x0004 0x0020000
344. 2e14.3218: 0000000000cfe000-0000000000cfffff 0x0004/0x0004 0x0020000
345. 2e14.3218: 0000000000d00000-000000007ffdffff 0x0001/0x0000 0x0000000
346. 2e14.3218: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
347. 2e14.3218: 000000007ffe1000-000000007ffe3fff 0x0001/0x0000 0x0000000
348. 2e14.3218: *000000007ffe4000-000000007ffe4fff 0x0002/0x0002 0x0020000
349. 2e14.3218: 000000007ffe5000-00007ff50f80ffff 0x0001/0x0000 0x0000000
350. 2e14.3218: *00007ff50f810000-00007ff50f810fff 0x0002/0x0002 0x0040000
351. 2e14.3218: 00007ff50f811000-00007ff50f81ffff 0x0001/0x0000 0x0000000
352. 2e14.3218: *00007ff50f820000-00007ff50f842fff 0x0002/0x0002 0x0040000
353. 2e14.3218: 00007ff50f843000-00007ff621a4ffff 0x0001/0x0000 0x0000000
354. 2e14.3218: *00007ff621a50000-00007ff621a50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
355. 2e14.3218: 00007ff621a51000-00007ff621ac6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
356. 2e14.3218: 00007ff621ac7000-00007ff621ac7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
357. 2e14.3218: 00007ff621ac8000-00007ff621b0ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
358. 2e14.3218: 00007ff621b10000-00007ff621b10fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
359. 2e14.3218: 00007ff621b11000-00007ff621b11fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
360. 2e14.3218: 00007ff621b12000-00007ff621b16fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
361. 2e14.3218: 00007ff621b17000-00007ff621b17fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
362. 2e14.3218: 00007ff621b18000-00007ff621b18fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
363. 2e14.3218: 00007ff621b19000-00007ff621b1cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
364. 2e14.3218: 00007ff621b1d000-00007ff621b65fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
365. 2e14.3218: 00007ff621b66000-00007ff97da9ffff 0x0001/0x0000 0x0000000
366. 2e14.3218: *00007ff97daa0000-00007ff97daa0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
367. 2e14.3218: 00007ff97daa1000-00007ff97dbb7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
368. 2e14.3218: 00007ff97dbb8000-00007ff97dbfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
369. 2e14.3218: 00007ff97dbff000-00007ff97dc0afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
370. 2e14.3218: 00007ff97dc0b000-00007ff97dc19fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
371. 2e14.3218: 00007ff97dc1a000-00007ff97dc1afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
372. 2e14.3218: 00007ff97dc1b000-00007ff97dc1dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
373. 2e14.3218: 00007ff97dc1e000-00007ff97dc8ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
374. 2e14.3218: 00007ff97dc90000-00007ffffffeffff 0x0001/0x0000 0x0000000
375. 2e14.3218: supR3HardNtChildPurify: Done after 521 ms and 0 fixes (loop #0).
376. 5c8.7c4: Log file opened: 6.1.2r135662 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
377. 5c8.7c4: supR3HardenedVmProcessInit: uNtDllAddr=00007ff97daa0000 g_uNtVerCombined=0xa047ba00 (stack ~0000000000cff868)
378. 5c8.7c4: ntdll.dll: timestamp 0x99ca0526 (rc=VINF_SUCCESS)
379. 5c8.7c4: New simple heap: #1 0000000000e00000 LB 0x400000 (for 2031616 allocation)
380. 2e14.3218: supR3HardNtEnableThreadCreationEx:
381. 5c8.7c4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
382. 5c8.7c4: System32: \Device\HarddiskVolume8\Windows\System32
383. 5c8.7c4: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
384. 5c8.7c4: KnownDllPath: C:\WINDOWS\System32
385. 5c8.7c4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
386. 5c8.7c4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
387. 5c8.7c4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
388. 5c8.7c4: Registered Dll notification callback with NTDLL.
389. 5c8.7c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\kernel32.dll)
390. 5c8.7c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\kernel32.dll
391. 5c8.7c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
392. 5c8.7c4: supR3HardenedDllNotificationCallback: load 00007ff97abd0000 LB 0x002a3000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
393. 5c8.7c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\KernelBase.dll)
394. 5c8.7c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
395. 5c8.7c4: supR3HardenedDllNotificationCallback: load 00007ff97c760000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
396. 5c8.7c4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
397. 5c8.7c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97c760000 'C:\WINDOWS\System32\KERNEL32.DLL'
398. 5c8.7c4: supR3HardenedDllNotificationCallback: load 00007ff621a50000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
399. 5c8.7c4: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
400. 5c8.7c4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
401. 5c8.7c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
402. 5c8.7c4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff97db117f0 pvNtTerminateThread=00007ff97db3cb10
403. 2e14.3218: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 77 ms.
404. 5c8.7c4: \SystemRoot\System32\ntdll.dll:
405. 5c8.7c4: CreationTime: 2019-10-09T10:35:45.073760000Z
406. 5c8.7c4: LastWriteTime: 2019-10-09T10:35:45.211652700Z
407. 5c8.7c4: ChangeTime: 2020-01-16T11:45:03.158089500Z
408. 5c8.7c4: FileAttributes: 0x20
409. 5c8.7c4: Size: 0x1e8528
410. 5c8.7c4: NT Headers: 0xd8
411. 5c8.7c4: Timestamp: 0x99ca0526
412. 5c8.7c4: Machine: 0x8664 - amd64
413. 5c8.7c4: Timestamp: 0x99ca0526
414. 5c8.7c4: Image Version: 10.0
415. 5c8.7c4: SizeOfImage: 0x1f0000 (2031616)
416. 5c8.7c4: Resource Dir: 0x17f000 LB 0x6f310
417. 5c8.7c4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
418. 5c8.7c4: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
419. 5c8.7c4: ProductName: Microsoft® Windows® Operating System
420. 5c8.7c4: ProductVersion: 10.0.18362.418
421. 5c8.7c4: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
422. 5c8.7c4: FileDescription: NT Layer DLL
423. 5c8.7c4: \SystemRoot\System32\kernel32.dll:
424. 5c8.7c4: CreationTime: 2019-09-02T14:07:38.017663300Z
425. 5c8.7c4: LastWriteTime: 2019-09-02T14:07:38.233537200Z
426. 5c8.7c4: ChangeTime: 2020-01-16T11:45:02.930080600Z
427. 5c8.7c4: FileAttributes: 0x20
428. 5c8.7c4: Size: 0xb0570
429. 5c8.7c4: NT Headers: 0xe8
430. 5c8.7c4: Timestamp: 0xd0cecc10
431. 5c8.7c4: Machine: 0x8664 - amd64
432. 5c8.7c4: Timestamp: 0xd0cecc10
433. 5c8.7c4: Image Version: 10.0
434. 5c8.7c4: SizeOfImage: 0xb2000 (729088)
435. 5c8.7c4: Resource Dir: 0xb0000 LB 0x520
436. 5c8.7c4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
437. 5c8.7c4: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
438. 5c8.7c4: ProductName: Microsoft® Windows® Operating System
439. 5c8.7c4: ProductVersion: 10.0.18362.329
440. 5c8.7c4: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
441. 5c8.7c4: FileDescription: Windows NT BASE API Client DLL
442. 5c8.7c4: \SystemRoot\System32\KernelBase.dll:
443. 5c8.7c4: CreationTime: 2019-12-12T10:00:55.556995800Z
444. 5c8.7c4: LastWriteTime: 2019-12-12T10:00:55.674538800Z
445. 5c8.7c4: ChangeTime: 2020-01-16T11:45:03.136102700Z
446. 5c8.7c4: FileAttributes: 0x20
447. 5c8.7c4: Size: 0x2a2638
448. 5c8.7c4: NT Headers: 0xf0
449. 5c8.7c4: Timestamp: 0x50cc8d5a
450. 5c8.7c4: Machine: 0x8664 - amd64
451. 5c8.7c4: Timestamp: 0x50cc8d5a
452. 5c8.7c4: Image Version: 10.0
453. 5c8.7c4: SizeOfImage: 0x2a3000 (2764800)
454. 5c8.7c4: Resource Dir: 0x27d000 LB 0x548
455. 5c8.7c4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
456. 5c8.7c4: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
457. 5c8.7c4: ProductName: Microsoft® Windows® Operating System
458. 5c8.7c4: ProductVersion: 10.0.18362.535
459. 5c8.7c4: FileVersion: 10.0.18362.535 (WinBuild.160101.0800)
460. 5c8.7c4: FileDescription: Windows NT BASE API Client DLL
461. 5c8.7c4: \SystemRoot\System32\apisetschema.dll:
462. 5c8.7c4: CreationTime: 2019-03-19T04:43:54.837151500Z
463. 5c8.7c4: LastWriteTime: 2019-03-19T04:43:54.837151500Z
464. 5c8.7c4: ChangeTime: 2020-01-16T11:45:02.918087300Z
465. 5c8.7c4: FileAttributes: 0x20
466. 5c8.7c4: Size: 0x1d028
467. 5c8.7c4: NT Headers: 0xc8
468. 5c8.7c4: Timestamp: 0xd6ced080
469. 5c8.7c4: Machine: 0x8664 - amd64
470. 5c8.7c4: Timestamp: 0xd6ced080
471. 5c8.7c4: Image Version: 10.0
472. 5c8.7c4: SizeOfImage: 0x1e000 (122880)
473. 5c8.7c4: Resource Dir: 0x1d000 LB 0x408
474. 5c8.7c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
475. 5c8.7c4: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
476. 5c8.7c4: ProductName: Microsoft® Windows® Operating System
477. 5c8.7c4: ProductVersion: 10.0.18362.1
478. 5c8.7c4: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
479. 5c8.7c4: FileDescription: ApiSet Schema DLL
480. 5c8.7c4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
481. 5c8.7c4: supR3HardenedWinFindAdversaries: 0x40
482. 5c8.7c4: \SystemRoot\System32\drivers\klflt.sys:
483. 5c8.7c4: CreationTime: 2019-07-22T06:54:52.660458100Z
484. 5c8.7c4: LastWriteTime: 2019-10-29T07:33:50.630658400Z
485. 5c8.7c4: ChangeTime: 2019-10-29T07:33:50.630658400Z
486. 5c8.7c4: FileAttributes: 0x20
487. 5c8.7c4: Size: 0x3d678
488. 5c8.7c4: NT Headers: 0x100
489. 5c8.7c4: Timestamp: 0xddaa7cbc
490. 5c8.7c4: Machine: 0x8664 - amd64
491. 5c8.7c4: Timestamp: 0xddaa7cbc
492. 5c8.7c4: Image Version: 6.1
493. 5c8.7c4: SizeOfImage: 0x4a000 (303104)
494. 5c8.7c4: Resource Dir: 0x47000 LB 0x418
495. 5c8.7c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
496. 5c8.7c4: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
497. 5c8.7c4: ProductName: Coretech Delivery
498. 5c8.7c4: ProductVersion: 30.112.90.0
499. 5c8.7c4: FileVersion: 30.112.90.0
500. 5c8.7c4: FileDescription: Filter Core [fre_win7_amd64]
501. 5c8.7c4: \SystemRoot\System32\drivers\klif.sys:
502. 5c8.7c4: CreationTime: 2019-07-22T06:54:52.686498000Z
503. 5c8.7c4: LastWriteTime: 2019-10-29T07:33:50.838128800Z
504. 5c8.7c4: ChangeTime: 2019-10-29T07:33:50.838128800Z
505. 5c8.7c4: FileAttributes: 0x20
506. 5c8.7c4: Size: 0xf3a80
507. 5c8.7c4: NT Headers: 0xf8
508. 5c8.7c4: Timestamp: 0x5da6282c
509. 5c8.7c4: Machine: 0x8664 - amd64
510. 5c8.7c4: Timestamp: 0x5da6282c
511. 5c8.7c4: Image Version: 6.1
512. 5c8.7c4: SizeOfImage: 0xf4000 (999424)
513. 5c8.7c4: Resource Dir: 0xeb000 LB 0x33f8
514. 5c8.7c4: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
515. 5c8.7c4: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
516. 5c8.7c4: ProductName: Coretech Delivery
517. 5c8.7c4: ProductVersion: 30.112.90.0
518. 5c8.7c4: FileVersion: 30.112.90.0
519. 5c8.7c4: FileDescription: Core System Interceptors [fre_win7_amd64]
520. 5c8.7c4: \SystemRoot\System32\drivers\klim6.sys:
521. 5c8.7c4: CreationTime: 2019-03-19T02:21:06.000000000Z
522. 5c8.7c4: LastWriteTime: 2019-03-19T02:21:06.000000000Z
523. 5c8.7c4: ChangeTime: 2019-08-31T05:56:13.521866900Z
524. 5c8.7c4: FileAttributes: 0x20
525. 5c8.7c4: Size: 0xe350
526. 5c8.7c4: NT Headers: 0xe0
527. 5c8.7c4: Timestamp: 0x54ad405e
528. 5c8.7c4: Machine: 0x8664 - amd64
529. 5c8.7c4: Timestamp: 0x54ad405e
530. 5c8.7c4: Image Version: 6.1
531. 5c8.7c4: SizeOfImage: 0xb000 (45056)
532. 5c8.7c4: Resource Dir: 0x9000 LB 0x430
533. 5c8.7c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
534. 5c8.7c4: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
535. 5c8.7c4: ProductName: Coretech Delivery
536. 5c8.7c4: ProductVersion: 30.0.3724.0
537. 5c8.7c4: FileVersion: 30.0.3724.0
538. 5c8.7c4: FileDescription: Packet Network Filter [fre_win7_amd64]
539. 5c8.7c4: \SystemRoot\System32\drivers\klkbdflt.sys:
540. 5c8.7c4: CreationTime: 2018-01-15T00:13:30.000000000Z
541. 5c8.7c4: LastWriteTime: 2019-03-17T21:11:30.000000000Z
542. 5c8.7c4: ChangeTime: 2019-08-31T05:56:11.197261800Z
543. 5c8.7c4: FileAttributes: 0x20
544. 5c8.7c4: Size: 0x13550
545. 5c8.7c4: NT Headers: 0xf8
546. 5c8.7c4: Timestamp: 0x79cc11d7
547. 5c8.7c4: Machine: 0x8664 - amd64
548. 5c8.7c4: Timestamp: 0x79cc11d7
549. 5c8.7c4: Image Version: 6.1
550. 5c8.7c4: SizeOfImage: 0x12000 (73728)
551. 5c8.7c4: Resource Dir: 0x10000 LB 0x438
552. 5c8.7c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
553. 5c8.7c4: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
554. 5c8.7c4: ProductName: Coretech Delivery
555. 5c8.7c4: ProductVersion: 30.0.3716.0
556. 5c8.7c4: FileVersion: 30.0.3716.0
557. 5c8.7c4: FileDescription: Keyboard Device Filter [fre_win7_amd64]
558. 5c8.7c4: \SystemRoot\System32\drivers\klmouflt.sys:
559. 5c8.7c4: CreationTime: 2017-12-11T06:49:16.000000000Z
560. 5c8.7c4: LastWriteTime: 2019-03-17T20:50:34.000000000Z
561. 5c8.7c4: ChangeTime: 2019-08-31T05:56:10.241103400Z
562. 5c8.7c4: FileAttributes: 0x20
563. 5c8.7c4: Size: 0xe878
564. 5c8.7c4: NT Headers: 0xe8
565. 5c8.7c4: Timestamp: 0xab7b625
566. 5c8.7c4: Machine: 0x8664 - amd64
567. 5c8.7c4: Timestamp: 0xab7b625
568. 5c8.7c4: Image Version: 6.1
569. 5c8.7c4: SizeOfImage: 0xe000 (57344)
570. 5c8.7c4: Resource Dir: 0xc000 LB 0x430
571. 5c8.7c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
572. 5c8.7c4: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
573. 5c8.7c4: ProductName: Coretech Delivery
574. 5c8.7c4: ProductVersion: 30.0.3716.0
575. 5c8.7c4: FileVersion: 30.0.3716.0
576. 5c8.7c4: FileDescription: Mouse Device Filter [fre_win7_amd64]
577. 5c8.7c4: \SystemRoot\System32\drivers\kneps.sys:
578. 5c8.7c4: CreationTime: 2018-02-24T00:17:48.000000000Z
579. 5c8.7c4: LastWriteTime: 2019-03-18T21:31:38.000000000Z
580. 5c8.7c4: ChangeTime: 2019-08-31T05:56:06.776585600Z
581. 5c8.7c4: FileAttributes: 0x20
582. 5c8.7c4: Size: 0x38b50
583. 5c8.7c4: NT Headers: 0x108
584. 5c8.7c4: Timestamp: 0x7aa255dc
585. 5c8.7c4: Machine: 0x8664 - amd64
586. 5c8.7c4: Timestamp: 0x7aa255dc
587. 5c8.7c4: Image Version: 6.1
588. 5c8.7c4: SizeOfImage: 0x38000 (229376)
589. 5c8.7c4: Resource Dir: 0x35000 LB 0x428
590. 5c8.7c4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
591. 5c8.7c4: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
592. 5c8.7c4: ProductName: Coretech Delivery
593. 5c8.7c4: ProductVersion: 30.0.3731.0
594. 5c8.7c4: FileVersion: 30.0.3731.0
595. 5c8.7c4: FileDescription: Network Processor [fre_win7_amd64]
596. 5c8.7c4: \SystemRoot\System32\klfphc.dll:
597. 5c8.7c4: CreationTime: 2019-07-22T06:55:47.572363700Z
598. 5c8.7c4: LastWriteTime: 2013-05-06T03:13:26.000000000Z
599. 5c8.7c4: ChangeTime: 2019-08-31T05:55:17.301860700Z
600. 5c8.7c4: FileAttributes: 0x20
601. 5c8.7c4: Size: 0x1ae60
602. 5c8.7c4: NT Headers: 0xe8
603. 5c8.7c4: Timestamp: 0x51873bf2
604. 5c8.7c4: Machine: 0x8664 - amd64
605. 5c8.7c4: Timestamp: 0x51873bf2
606. 5c8.7c4: Image Version: 0.0
607. 5c8.7c4: SizeOfImage: 0x1d000 (118784)
608. 5c8.7c4: Resource Dir: 0x18000 LB 0x3c80
609. 5c8.7c4: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
610. 5c8.7c4: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
611. 5c8.7c4: ProductName: Kaspersky™ Anti-Virus ®
612. 5c8.7c4: ProductVersion: 1.0.0.12
613. 5c8.7c4: FileVersion: 1.0.0.12
614. 5c8.7c4: FileDescription: Filtering Platform Helper Class
615. 5c8.7c4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
616. 5c8.7c4: Calling main()
617. 5c8.7c4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
618. 5c8.7c4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
619. 5c8.7c4: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
620. 5c8.7c4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
621. 5c8.7c4: SUPR3HardenedMain: Respawn #2
622. 5c8.7c4: supR3HardNtEnableThreadCreationEx:
623. 5c8.7c4: supR3HardenedDllNotificationCallback: load 00007ff97cb20000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
624. 5c8.7c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll)
625. 5c8.7c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
626. 5c8.7c4: supR3HardenedDllNotificationCallback: load 00007ff97d5f0000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
627. 5c8.7c4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
628. 5c8.7c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\sechost.dll)
629. 5c8.7c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\sechost.dll
630. 5c8.7c4: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
631. 5c8.7c4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ntdll.dll)
632. 5c8.7c4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ntdll.dll
633. 5c8.7c4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
634. 5c8.7c4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
635. 5c8.7c4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
636. 5c8.7c4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
637. 5c8.7c4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97daa0000 'C:\WINDOWS\System32\ntdll.dll'
638. 5c8.7c4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff97db117f0 pvNtTerminateThread=00007ff97db3cb10
639. 5c8.7c4: supR3HardenedWinDoReSpawn(2): New child 12f0.1a68 [kernel32].
640. 5c8.7c4: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
641. 5c8.7c4: supR3HardNtChildGatherData: PebBaseAddress=0000000000599000 cbPeb=0x388
642. 5c8.7c4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ff97daa0000 uNtDllChildAddr=00007ff97daa0000
643. 5c8.7c4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ff97db117f0
644. 5c8.7c4: supR3HardenedWinSetupChildInit: Initial context:
645. rax=0000000000000000 rbx=0000000000000000 rcx=00007ff621a57900 rdx=0000000000599000
646. rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
647. r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
648. r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
649. rip=00007ff97db0ceb0 rsp=00000000003ffe88 rbp=0000000000000000 ctxflags=0010001b
650. cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
651. P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
652. dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
653. dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
654. lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
655. 5c8.7c4: kernel32.dll: timestamp 0xd0cecc10 (rc=VINF_SUCCESS)
656. 5c8.7c4: supR3HardenedWinSetupChildInit: Start child.
657. 5c8.7c4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
658. 5c8.7c4: supR3HardNtChildPurify: Startup delay kludge #1/0: 514 ms, 59 sleeps
659. 5c8.7c4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
660. 5c8.7c4: *0000000000000000-00000000002bffff 0x0001/0x0000 0x0000000
661. 5c8.7c4: *00000000002c0000-00000000002dffff 0x0004/0x0004 0x0020000
662. 5c8.7c4: *00000000002e0000-00000000002fafff 0x0002/0x0002 0x0040000
663. 5c8.7c4: 00000000002fb000-00000000002fffff 0x0001/0x0000 0x0000000
664. 5c8.7c4: *0000000000300000-00000000003fafff 0x0000/0x0004 0x0020000
665. 5c8.7c4: 00000000003fb000-00000000003fdfff 0x0104/0x0004 0x0020000
666. 5c8.7c4: 00000000003fe000-00000000003fffff 0x0004/0x0004 0x0020000
667. 5c8.7c4: *0000000000400000-0000000000598fff 0x0000/0x0004 0x0020000
668. 5c8.7c4: 0000000000599000-000000000059bfff 0x0004/0x0004 0x0020000
669. 5c8.7c4: 000000000059c000-00000000005fffff 0x0000/0x0004 0x0020000
670. 5c8.7c4: *0000000000600000-0000000000603fff 0x0002/0x0002 0x0040000
671. 5c8.7c4: 0000000000604000-000000000060ffff 0x0001/0x0000 0x0000000
672. 5c8.7c4: *0000000000610000-0000000000611fff 0x0004/0x0004 0x0020000
673. 5c8.7c4: 0000000000612000-000000007ffdffff 0x0001/0x0000 0x0000000
674. 5c8.7c4: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
675. 5c8.7c4: 000000007ffe1000-000000007ffe3fff 0x0001/0x0000 0x0000000
676. 5c8.7c4: *000000007ffe4000-000000007ffe4fff 0x0002/0x0002 0x0020000
677. 5c8.7c4: 000000007ffe5000-00007ff559f5ffff 0x0001/0x0000 0x0000000
678. 5c8.7c4: *00007ff559f60000-00007ff559f60fff 0x0002/0x0002 0x0040000
679. 5c8.7c4: 00007ff559f61000-00007ff559f6ffff 0x0001/0x0000 0x0000000
680. 5c8.7c4: *00007ff559f70000-00007ff559f92fff 0x0002/0x0002 0x0040000
681. 5c8.7c4: 00007ff559f93000-00007ff621a4ffff 0x0001/0x0000 0x0000000
682. 5c8.7c4: *00007ff621a50000-00007ff621a50fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
683. 5c8.7c4: 00007ff621a51000-00007ff621ac6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
684. 5c8.7c4: 00007ff621ac7000-00007ff621ac7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
685. 5c8.7c4: 00007ff621ac8000-00007ff621b0ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
686. 5c8.7c4: 00007ff621b10000-00007ff621b10fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
687. 5c8.7c4: 00007ff621b11000-00007ff621b11fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
688. 5c8.7c4: 00007ff621b12000-00007ff621b16fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
689. 5c8.7c4: 00007ff621b17000-00007ff621b17fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
690. 5c8.7c4: 00007ff621b18000-00007ff621b18fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
691. 5c8.7c4: 00007ff621b19000-00007ff621b1cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
692. 5c8.7c4: 00007ff621b1d000-00007ff621b65fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
693. 5c8.7c4: 00007ff621b66000-00007ff97da9ffff 0x0001/0x0000 0x0000000
694. 5c8.7c4: *00007ff97daa0000-00007ff97daa0fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
695. 5c8.7c4: 00007ff97daa1000-00007ff97dbb7fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
696. 5c8.7c4: 00007ff97dbb8000-00007ff97dbfefff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
697. 5c8.7c4: 00007ff97dbff000-00007ff97dc0afff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
698. 5c8.7c4: 00007ff97dc0b000-00007ff97dc19fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
699. 5c8.7c4: 00007ff97dc1a000-00007ff97dc1afff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
700. 5c8.7c4: 00007ff97dc1b000-00007ff97dc1dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
701. 5c8.7c4: 00007ff97dc1e000-00007ff97dc8ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume8\Windows\System32\ntdll.dll
702. 5c8.7c4: 00007ff97dc90000-00007ffffffeffff 0x0001/0x0000 0x0000000
703. 5c8.7c4: VirtualBoxVM.exe: timestamp 0x5e1f1d0f (rc=VINF_SUCCESS)
704. 5c8.7c4: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
705. 5c8.7c4: '\Device\HarddiskVolume8\Windows\System32\ntdll.dll' has no imports
706. 5c8.7c4: supR3HardNtChildPurify: Done after 566 ms and 0 fixes (loop #0).
707. 12f0.1a68: Log file opened: 6.1.2r135662 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
708. 12f0.1a68: supR3HardenedVmProcessInit: uNtDllAddr=00007ff97daa0000 g_uNtVerCombined=0xa047ba00 (stack ~00000000003ff918)
709. 12f0.1a68: ntdll.dll: timestamp 0x99ca0526 (rc=VINF_SUCCESS)
710. 12f0.1a68: New simple heap: #1 0000000000720000 LB 0x400000 (for 2031616 allocation)
711. 5c8.7c4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000e00000 LB 0x400000)
712. 5c8.7c4: supR3HardNtEnableThreadCreationEx:
713. 12f0.1a68: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
714. 12f0.1a68: System32: \Device\HarddiskVolume8\Windows\System32
715. 12f0.1a68: WinSxS: \Device\HarddiskVolume8\Windows\WinSxS
716. 12f0.1a68: KnownDllPath: C:\WINDOWS\System32
717. 12f0.1a68: supR3HardenedVmProcessInit: Opening vboxdrv...
718. 12f0.1a68: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
719. 12f0.1a68: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
720. 12f0.1a68: Registered Dll notification callback with NTDLL.
721. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\kernel32.dll)
722. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\kernel32.dll
723. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
724. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97abd0000 LB 0x002a3000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
725. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\KernelBase.dll)
726. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\KernelBase.dll
727. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97c760000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
728. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
729. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97c760000 'C:\WINDOWS\System32\KERNEL32.DLL'
730. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff621a50000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
731. 12f0.1a68: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
732. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
733. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
734. 12f0.1a68: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ff97db117f0 pvNtTerminateThread=00007ff97db3cb10
735. 5c8.7c4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 83 ms.
736. 12f0.1a68: \SystemRoot\System32\ntdll.dll:
737. 12f0.1a68: CreationTime: 2019-10-09T10:35:45.073760000Z
738. 12f0.1a68: LastWriteTime: 2019-10-09T10:35:45.211652700Z
739. 12f0.1a68: ChangeTime: 2020-01-16T11:45:03.158089500Z
740. 12f0.1a68: FileAttributes: 0x20
741. 12f0.1a68: Size: 0x1e8528
742. 12f0.1a68: NT Headers: 0xd8
743. 12f0.1a68: Timestamp: 0x99ca0526
744. 12f0.1a68: Machine: 0x8664 - amd64
745. 12f0.1a68: Timestamp: 0x99ca0526
746. 12f0.1a68: Image Version: 10.0
747. 12f0.1a68: SizeOfImage: 0x1f0000 (2031616)
748. 12f0.1a68: Resource Dir: 0x17f000 LB 0x6f310
749. 12f0.1a68: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
750. 12f0.1a68: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
751. 12f0.1a68: ProductName: Microsoft® Windows® Operating System
752. 12f0.1a68: ProductVersion: 10.0.18362.418
753. 12f0.1a68: FileVersion: 10.0.18362.418 (WinBuild.160101.0800)
754. 12f0.1a68: FileDescription: NT Layer DLL
755. 12f0.1a68: \SystemRoot\System32\kernel32.dll:
756. 12f0.1a68: CreationTime: 2019-09-02T14:07:38.017663300Z
757. 12f0.1a68: LastWriteTime: 2019-09-02T14:07:38.233537200Z
758. 12f0.1a68: ChangeTime: 2020-01-16T11:45:02.930080600Z
759. 12f0.1a68: FileAttributes: 0x20
760. 12f0.1a68: Size: 0xb0570
761. 12f0.1a68: NT Headers: 0xe8
762. 12f0.1a68: Timestamp: 0xd0cecc10
763. 12f0.1a68: Machine: 0x8664 - amd64
764. 12f0.1a68: Timestamp: 0xd0cecc10
765. 12f0.1a68: Image Version: 10.0
766. 12f0.1a68: SizeOfImage: 0xb2000 (729088)
767. 12f0.1a68: Resource Dir: 0xb0000 LB 0x520
768. 12f0.1a68: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
769. 12f0.1a68: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
770. 12f0.1a68: ProductName: Microsoft® Windows® Operating System
771. 12f0.1a68: ProductVersion: 10.0.18362.329
772. 12f0.1a68: FileVersion: 10.0.18362.329 (WinBuild.160101.0800)
773. 12f0.1a68: FileDescription: Windows NT BASE API Client DLL
774. 12f0.1a68: \SystemRoot\System32\KernelBase.dll:
775. 12f0.1a68: CreationTime: 2019-12-12T10:00:55.556995800Z
776. 12f0.1a68: LastWriteTime: 2019-12-12T10:00:55.674538800Z
777. 12f0.1a68: ChangeTime: 2020-01-16T11:45:03.136102700Z
778. 12f0.1a68: FileAttributes: 0x20
779. 12f0.1a68: Size: 0x2a2638
780. 12f0.1a68: NT Headers: 0xf0
781. 12f0.1a68: Timestamp: 0x50cc8d5a
782. 12f0.1a68: Machine: 0x8664 - amd64
783. 12f0.1a68: Timestamp: 0x50cc8d5a
784. 12f0.1a68: Image Version: 10.0
785. 12f0.1a68: SizeOfImage: 0x2a3000 (2764800)
786. 12f0.1a68: Resource Dir: 0x27d000 LB 0x548
787. 12f0.1a68: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
788. 12f0.1a68: [Raw version resource data: 0x27d0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
789. 12f0.1a68: ProductName: Microsoft® Windows® Operating System
790. 12f0.1a68: ProductVersion: 10.0.18362.535
791. 12f0.1a68: FileVersion: 10.0.18362.535 (WinBuild.160101.0800)
792. 12f0.1a68: FileDescription: Windows NT BASE API Client DLL
793. 12f0.1a68: \SystemRoot\System32\apisetschema.dll:
794. 12f0.1a68: CreationTime: 2019-03-19T04:43:54.837151500Z
795. 12f0.1a68: LastWriteTime: 2019-03-19T04:43:54.837151500Z
796. 12f0.1a68: ChangeTime: 2020-01-16T11:45:02.918087300Z
797. 12f0.1a68: FileAttributes: 0x20
798. 12f0.1a68: Size: 0x1d028
799. 12f0.1a68: NT Headers: 0xc8
800. 12f0.1a68: Timestamp: 0xd6ced080
801. 12f0.1a68: Machine: 0x8664 - amd64
802. 12f0.1a68: Timestamp: 0xd6ced080
803. 12f0.1a68: Image Version: 10.0
804. 12f0.1a68: SizeOfImage: 0x1e000 (122880)
805. 12f0.1a68: Resource Dir: 0x1d000 LB 0x408
806. 12f0.1a68: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
807. 12f0.1a68: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
808. 12f0.1a68: ProductName: Microsoft® Windows® Operating System
809. 12f0.1a68: ProductVersion: 10.0.18362.1
810. 12f0.1a68: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
811. 12f0.1a68: FileDescription: ApiSet Schema DLL
812. 12f0.1a68: NtOpenDirectoryObject failed on \Driver: 0xc0000022
813. 12f0.1a68: supR3HardenedWinFindAdversaries: 0x40
814. 12f0.1a68: \SystemRoot\System32\drivers\klflt.sys:
815. 12f0.1a68: CreationTime: 2019-07-22T06:54:52.660458100Z
816. 12f0.1a68: LastWriteTime: 2019-10-29T07:33:50.630658400Z
817. 12f0.1a68: ChangeTime: 2019-10-29T07:33:50.630658400Z
818. 12f0.1a68: FileAttributes: 0x20
819. 12f0.1a68: Size: 0x3d678
820. 12f0.1a68: NT Headers: 0x100
821. 12f0.1a68: Timestamp: 0xddaa7cbc
822. 12f0.1a68: Machine: 0x8664 - amd64
823. 12f0.1a68: Timestamp: 0xddaa7cbc
824. 12f0.1a68: Image Version: 6.1
825. 12f0.1a68: SizeOfImage: 0x4a000 (303104)
826. 12f0.1a68: Resource Dir: 0x47000 LB 0x418
827. 12f0.1a68: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
828. 12f0.1a68: [Raw version resource data: 0x47060 LB 0x3b8, codepage 0x0 (reserved 0x0)]
829. 12f0.1a68: ProductName: Coretech Delivery
830. 12f0.1a68: ProductVersion: 30.112.90.0
831. 12f0.1a68: FileVersion: 30.112.90.0
832. 12f0.1a68: FileDescription: Filter Core [fre_win7_amd64]
833. 12f0.1a68: \SystemRoot\System32\drivers\klif.sys:
834. 12f0.1a68: CreationTime: 2019-07-22T06:54:52.686498000Z
835. 12f0.1a68: LastWriteTime: 2019-10-29T07:33:50.838128800Z
836. 12f0.1a68: ChangeTime: 2019-10-29T07:33:50.838128800Z
837. 12f0.1a68: FileAttributes: 0x20
838. 12f0.1a68: Size: 0xf3a80
839. 12f0.1a68: NT Headers: 0xf8
840. 12f0.1a68: Timestamp: 0x5da6282c
841. 12f0.1a68: Machine: 0x8664 - amd64
842. 12f0.1a68: Timestamp: 0x5da6282c
843. 12f0.1a68: Image Version: 6.1
844. 12f0.1a68: SizeOfImage: 0xf4000 (999424)
845. 12f0.1a68: Resource Dir: 0xeb000 LB 0x33f8
846. 12f0.1a68: [Version info resource found at 0x120! (ID/Name: 0x1; SubID/SubName: 0x409)]
847. 12f0.1a68: [Raw version resource data: 0xee028 LB 0x3d0, codepage 0x0 (reserved 0x0)]
848. 12f0.1a68: ProductName: Coretech Delivery
849. 12f0.1a68: ProductVersion: 30.112.90.0
850. 12f0.1a68: FileVersion: 30.112.90.0
851. 12f0.1a68: FileDescription: Core System Interceptors [fre_win7_amd64]
852. 12f0.1a68: \SystemRoot\System32\drivers\klim6.sys:
853. 12f0.1a68: CreationTime: 2019-03-19T02:21:06.000000000Z
854. 12f0.1a68: LastWriteTime: 2019-03-19T02:21:06.000000000Z
855. 12f0.1a68: ChangeTime: 2019-08-31T05:56:13.521866900Z
856. 12f0.1a68: FileAttributes: 0x20
857. 12f0.1a68: Size: 0xe350
858. 12f0.1a68: NT Headers: 0xe0
859. 12f0.1a68: Timestamp: 0x54ad405e
860. 12f0.1a68: Machine: 0x8664 - amd64
861. 12f0.1a68: Timestamp: 0x54ad405e
862. 12f0.1a68: Image Version: 6.1
863. 12f0.1a68: SizeOfImage: 0xb000 (45056)
864. 12f0.1a68: Resource Dir: 0x9000 LB 0x430
865. 12f0.1a68: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
866. 12f0.1a68: [Raw version resource data: 0x9060 LB 0x3cc, codepage 0x0 (reserved 0x0)]
867. 12f0.1a68: ProductName: Coretech Delivery
868. 12f0.1a68: ProductVersion: 30.0.3724.0
869. 12f0.1a68: FileVersion: 30.0.3724.0
870. 12f0.1a68: FileDescription: Packet Network Filter [fre_win7_amd64]
871. 12f0.1a68: \SystemRoot\System32\drivers\klkbdflt.sys:
872. 12f0.1a68: CreationTime: 2018-01-15T00:13:30.000000000Z
873. 12f0.1a68: LastWriteTime: 2019-03-17T21:11:30.000000000Z
874. 12f0.1a68: ChangeTime: 2019-08-31T05:56:11.197261800Z
875. 12f0.1a68: FileAttributes: 0x20
876. 12f0.1a68: Size: 0x13550
877. 12f0.1a68: NT Headers: 0xf8
878. 12f0.1a68: Timestamp: 0x79cc11d7
879. 12f0.1a68: Machine: 0x8664 - amd64
880. 12f0.1a68: Timestamp: 0x79cc11d7
881. 12f0.1a68: Image Version: 6.1
882. 12f0.1a68: SizeOfImage: 0x12000 (73728)
883. 12f0.1a68: Resource Dir: 0x10000 LB 0x438
884. 12f0.1a68: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
885. 12f0.1a68: [Raw version resource data: 0x10060 LB 0x3d4, codepage 0x0 (reserved 0x0)]
886. 12f0.1a68: ProductName: Coretech Delivery
887. 12f0.1a68: ProductVersion: 30.0.3716.0
888. 12f0.1a68: FileVersion: 30.0.3716.0
889. 12f0.1a68: FileDescription: Keyboard Device Filter [fre_win7_amd64]
890. 12f0.1a68: \SystemRoot\System32\drivers\klmouflt.sys:
891. 12f0.1a68: CreationTime: 2017-12-11T06:49:16.000000000Z
892. 12f0.1a68: LastWriteTime: 2019-03-17T20:50:34.000000000Z
893. 12f0.1a68: ChangeTime: 2019-08-31T05:56:10.241103400Z
894. 12f0.1a68: FileAttributes: 0x20
895. 12f0.1a68: Size: 0xe878
896. 12f0.1a68: NT Headers: 0xe8
897. 12f0.1a68: Timestamp: 0xab7b625
898. 12f0.1a68: Machine: 0x8664 - amd64
899. 12f0.1a68: Timestamp: 0xab7b625
900. 12f0.1a68: Image Version: 6.1
901. 12f0.1a68: SizeOfImage: 0xe000 (57344)
902. 12f0.1a68: Resource Dir: 0xc000 LB 0x430
903. 12f0.1a68: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
904. 12f0.1a68: [Raw version resource data: 0xc060 LB 0x3d0, codepage 0x0 (reserved 0x0)]
905. 12f0.1a68: ProductName: Coretech Delivery
906. 12f0.1a68: ProductVersion: 30.0.3716.0
907. 12f0.1a68: FileVersion: 30.0.3716.0
908. 12f0.1a68: FileDescription: Mouse Device Filter [fre_win7_amd64]
909. 12f0.1a68: \SystemRoot\System32\drivers\kneps.sys:
910. 12f0.1a68: CreationTime: 2018-02-24T00:17:48.000000000Z
911. 12f0.1a68: LastWriteTime: 2019-03-18T21:31:38.000000000Z
912. 12f0.1a68: ChangeTime: 2019-08-31T05:56:06.776585600Z
913. 12f0.1a68: FileAttributes: 0x20
914. 12f0.1a68: Size: 0x38b50
915. 12f0.1a68: NT Headers: 0x108
916. 12f0.1a68: Timestamp: 0x7aa255dc
917. 12f0.1a68: Machine: 0x8664 - amd64
918. 12f0.1a68: Timestamp: 0x7aa255dc
919. 12f0.1a68: Image Version: 6.1
920. 12f0.1a68: SizeOfImage: 0x38000 (229376)
921. 12f0.1a68: Resource Dir: 0x35000 LB 0x428
922. 12f0.1a68: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
923. 12f0.1a68: [Raw version resource data: 0x35060 LB 0x3c4, codepage 0x0 (reserved 0x0)]
924. 12f0.1a68: ProductName: Coretech Delivery
925. 12f0.1a68: ProductVersion: 30.0.3731.0
926. 12f0.1a68: FileVersion: 30.0.3731.0
927. 12f0.1a68: FileDescription: Network Processor [fre_win7_amd64]
928. 12f0.1a68: \SystemRoot\System32\klfphc.dll:
929. 12f0.1a68: CreationTime: 2019-07-22T06:55:47.572363700Z
930. 12f0.1a68: LastWriteTime: 2013-05-06T03:13:26.000000000Z
931. 12f0.1a68: ChangeTime: 2019-08-31T05:55:17.301860700Z
932. 12f0.1a68: FileAttributes: 0x20
933. 12f0.1a68: Size: 0x1ae60
934. 12f0.1a68: NT Headers: 0xe8
935. 12f0.1a68: Timestamp: 0x51873bf2
936. 12f0.1a68: Machine: 0x8664 - amd64
937. 12f0.1a68: Timestamp: 0x51873bf2
938. 12f0.1a68: Image Version: 0.0
939. 12f0.1a68: SizeOfImage: 0x1d000 (118784)
940. 12f0.1a68: Resource Dir: 0x18000 LB 0x3c80
941. 12f0.1a68: [Version info resource found at 0x188! (ID/Name: 0x1; SubID/SubName: 0x409)]
942. 12f0.1a68: [Raw version resource data: 0x1b800 LB 0x324, codepage 0x4e4 (reserved 0x0)]
943. 12f0.1a68: ProductName: Kaspersky™ Anti-Virus ®
944. 12f0.1a68: ProductVersion: 1.0.0.12
945. 12f0.1a68: FileVersion: 1.0.0.12
946. 12f0.1a68: FileDescription: Filtering Platform Helper Class
947. 12f0.1a68: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
948. 12f0.1a68: Calling main()
949. 12f0.1a68: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
950. 12f0.1a68: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox'
951. 12f0.1a68: '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
952. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
953. 12f0.1a68: SUPR3HardenedMain: Final process, opening VBoxDrv...
954. 12f0.1a68: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000720000 LB 0x400000)
955. 12f0.1a68: supR3HardNtEnableThreadCreationEx:
956. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
957. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
958. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
959. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
960. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff978a10000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
961. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
962. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
963. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
964. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff978a10000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
965. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
966. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
967. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff978a10000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
968. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff978a10000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
969. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
970. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
971. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
972. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
973. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\wintrust.dll)
974. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\wintrust.dll
975. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
976. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
977. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll)
978. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
979. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
980. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume8\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
981. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msasn1.dll'.
982. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\crypt32.dll)
983. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\crypt32.dll
984. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
985. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume8\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
986. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msasn1.dll)
987. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msasn1.dll
988. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
989. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
990. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msvcrt.dll)
991. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
992. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
993. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume8\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
994. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
995. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
996. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97d550000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
997. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
998. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97a950000 LB 0x00012000 C:\WINDOWS\System32\MSASN1.dll [fFlags=0x0]
999. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
1000. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97b730000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
1001. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ucrtbase.dll)
1002. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ucrtbase.dll
1003. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97b830000 LB 0x00149000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
1004. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1005. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97cb20000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
1006. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1007. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97af30000 LB 0x0005c000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
1008. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1009. 12f0.1a68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
1010. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1011. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97abd0000 'api-ms-win-core-synch-l1-2-0'
1012. 12f0.1a68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
1013. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1014. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97abd0000 'api-ms-win-core-fibers-l1-1-1'
1015. 12f0.1a68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
1016. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1017. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97abd0000 'api-ms-win-core-fibers-l1-1-1'
1018. 12f0.1a68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
1019. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1020. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97abd0000 'api-ms-win-core-synch-l1-2-0'
1021. 12f0.1a68: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
1022. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1023. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97abd0000 'api-ms-win-core-localization-l1-2-1'
1024. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97af30000 'C:\WINDOWS\system32\Wintrust.dll'
1025. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\bcrypt.dll)
1026. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\bcrypt.dll
1027. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1028. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97ba00000 LB 0x00026000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
1029. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1030. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97ba00000 'C:\WINDOWS\system32\bcrypt.dll'
1031. 12f0.1a68: bcrypt.dll loaded at 00007ff97ba00000, BCryptOpenAlgorithmProvider at 00007ff97ba04c70, preloading providers:
1032. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll)
1033. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll
1034. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1035. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97b980000 LB 0x00080000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
1036. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1037. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b980000 'C:\WINDOWS\system32\bcryptprimitives.dll'
1038. 12f0.1a68: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000b9da90)
1039. 12f0.1a68: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000b9e7f0)
1040. 12f0.1a68: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000b9eaf0)
1041. 12f0.1a68: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000b9f600)
1042. 12f0.1a68: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000b9f900)
1043. 12f0.1a68: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000b9fc00)
1044. 12f0.1a68: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000b9ff00)
1045. 12f0.1a68: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000ba0200)
1046. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97af90000 LB 0x00017000 C:\WINDOWS\System32\CRYPTSP.dll [fFlags=0x0]
1047. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cryptsp.dll)
1048. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptsp.dll
1049. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
1050. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\rsaenh.dll)
1051. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
1052. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
1053. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
1054. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1055. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1056. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1057. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff979d20000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
1058. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1059. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1060. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
1061. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\cryptbase.dll)
1062. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptbase.dll
1063. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97a380000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
1064. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
1065. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
1066. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
1067. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
1068. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
1069. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1070. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97c760000 'C:\WINDOWS\System32\kernel32.dll'
1071. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1072. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1073. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97af30000 'C:\WINDOWS\System32\WINTRUST.DLL'
1074. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1075. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1076. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\CRYPT32.dll'
1077. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97d960000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
1078. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
1079. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\imagehlp.dll)
1080. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\imagehlp.dll
1081. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1082. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1083. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1084. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1085. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1086. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1087. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97d5f0000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
1088. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
1089. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\sechost.dll)
1090. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\sechost.dll
1091. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1092. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1093. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\gpapi.dll)
1094. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\gpapi.dll
1095. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff979560000 LB 0x00022000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
1096. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
1097. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97a9c0000 LB 0x0001f000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
1098. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\profapi.dll)
1099. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\profapi.dll
1100. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1101. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
1102. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\cryptnet.dll)
1103. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\cryptnet.dll
1104. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
1105. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume8\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
1106. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1107. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1108. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1109. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1110. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1111. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1112. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1113. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1114. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1115. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1116. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1117. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1118. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1119. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1120. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1121. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff970330000 LB 0x0002f000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
1122. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1123. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1124. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1125. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1126. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1127. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1128. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1129. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1130. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1131. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1132. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1133. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1134. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1135. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1136. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1137. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1138. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1139. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1140. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1141. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1142. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1143. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1144. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1145. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1146. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1147. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1148. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1149. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1150. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1151. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\WINDOWS\System32\cryptnet.dll'
1152. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1153. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff970330000 'C:\Windows\System32\cryptnet.dll'
1154. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97d8b0000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
1155. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1156. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
1157. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
1158. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\advapi32.dll)
1159. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\advapi32.dll
1160. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1161. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1162. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1163. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1164. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
1165. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume8\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
1166. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\sechost.dll [lacks WinVerifyTrust]
1167. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1168. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1169. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1170. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1171. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1172. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1173. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1174. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1175. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1176. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000120d6b0
1177. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120d6b0
1178. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E42142C43484BA84DDDB10D97303487D47E882DE
1179. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1180. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1181. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97cb20000 'C:\WINDOWS\System32\rpcrt4.dll'
1182. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1183. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1184. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1185. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1186. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1187. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1188. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\SystemRoot\System32\ntdll.dll'
1189. 12f0.1a68: g_pfnWinVerifyTrust=00007ff97af361f0
1190. 12f0.1a68: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1191. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1192. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1193. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1194. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1195. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1196. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1197. 12f0.1a68: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\crypt32.dll'
1198. 12f0.1a68: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1199. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1200. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1201. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1202. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
1203. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1204. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1205. 12f0.1a68: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\wintrust.dll'
1206. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1207. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1208. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1209. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1210. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\advapi32.dll'
1211. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003a8 pwszName=\Device\HarddiskVolume8\Windows\System32\cryptnet.dll
1212. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000120d6b0
1213. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120d6b0
1214. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
1215. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1216. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1217. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1218. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.592.cat'; file='\Device\HarddiskVolume8\Windows\System32\cryptnet.dll'
1219. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1220. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptnet.dll'
1221. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1222. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1223. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1224. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\profapi.dll'
1225. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1226. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1227. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1228. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\gpapi.dll'
1229. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1230. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1231. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1232. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\sechost.dll'
1233. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1234. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1235. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1236. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\imagehlp.dll'
1237. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1238. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1239. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1240. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptbase.dll'
1241. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1242. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1243. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
1244. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1245. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1246. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\rsaenh.dll'
1247. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
1248. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1249. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1250. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1251. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\cryptsp.dll'
1252. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1253. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1254. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll'
1255. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1256. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1257. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\bcrypt.dll'
1258. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1259. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1260. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\ucrtbase.dll'
1261. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1262. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1263. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll'
1264. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1265. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1266. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msasn1.dll'
1267. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1268. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1269. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll'
1270. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1271. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1272. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1273. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
1274. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1275. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1276. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\KernelBase.dll'
1277. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1278. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1279. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\kernel32.dll'
1280. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\system32\crypt32.dll'
1281. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x7dafc7203c2aa300 O=AO Kaspersky Lab, CN=Kaspersky Anti-Virus Personal Root Certificate
1282. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1283. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1284. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x5bf6d67b8e2fae00 C=US, ST=California, L=Irvine, O=Blizzard Entertainment, OU=Battle.net, CN=Blizzard Battle.net Local Cert
1285. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1286. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1287. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
1288. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1289. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1290. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xd140ebc339a98a2f CN=WZTeam
1291. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x6e71c8bb94b19f2d CN=VladisPC
1292. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1293. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1294. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
1295. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1296. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1297. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
1298. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
1299. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x2ca429a5c4c6a700 C=IT, L=Milan, O=Actalis S.p.A./03358520967, CN=Actalis Authentication Root CA
1300. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xd8dbfb2c27bfb200 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2008 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA - G3
1301. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1302. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
1303. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x57ba5395b561bf00 C=BM, O=QuoVadis Limited, OU=Root Certification Authority, CN=QuoVadis Root Certification Authority
1304. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1305. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
1306. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
1307. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1308. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1309. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
1310. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x1591b8ac8dcabd00 C=CN, O=WoSign CA Limited, CN=Certification Authority of WoSign
1311. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
1312. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
1313. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1314. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
1315. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
1316. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1317. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1318. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1319. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xef62113787ebace5 C=US, O=GeoTrust Inc., OU=(c) 2007 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G2
1320. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
1321. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
1322. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x298be035a30bab00 C=DE, O=Deutsche Telekom AG, OU=T-TeleSec Trust Center, CN=Deutsche Telekom Root CA 2
1323. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
1324. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1325. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1326. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
1327. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1328. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x3eaa756fe759c500 C=NL, O=Staat der Nederlanden, CN=Staat der Nederlanden Root CA - G2
1329. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
1330. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1331. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xd407c1f75ec7d700 C=NO, O=Buypass AS-983163327, CN=Buypass Class 2 Root CA
1332. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1333. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1334. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xf0ca9d354a179000 C=FI, O=Sonera, CN=Sonera Class2 CA
1335. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
1336. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
1337. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x7cd4ff7b15b8be00 C=US, O=GeoTrust Inc., CN=GeoTrust Primary Certification Authority
1338. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
1339. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1340. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xab549401526569d3 L=Internet, O=VeriSign, Inc., OU=VeriSign Commercial Software Publishers CA
1341. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xe66b56ffc86e50a4 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Server CA, Email=server-certs@thawte.com
1342. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xb9ff821d139e9bf OU=GlobalSign ECC Root CA - R5, O=GlobalSign, CN=GlobalSign
1343. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
1344. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1345. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x331d58625ee2dc00 C=US, O=GeoTrust Inc., OU=(c) 2008 GeoTrust Inc. - For authorized use only, CN=GeoTrust Primary Certification Authority - G3
1346. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1347. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x39bb496d7f0fc200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Development Root Certificate Authority 2014
1348. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x90c7c28610d2ed15 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Development Root Certificate Authority 2018
1349. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0xb776da68ed15040a C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Testing Root Certificate Authority 2017
1350. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x269cb9c1a8e39500 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Testing Root Certificate Authority 2010
1351. 12f0.1a68: supR3HardenedWinIsDesiredRootCA: Adding 0x4b0cd3b56d5883aa OU=Copyright (c) 1999 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Test Root Authority
1352. 12f0.1a68: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=71
1353. 12f0.1a68: SUPR3HardenedMain: Load Runtime...
1354. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1355. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1356. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1357. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1358. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1359. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1360. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1361. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1362. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1363. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1364. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1365. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
1366. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ws2_32.dll) WinVerifyTrust
1367. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
1368. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1369. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1370. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
1371. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1372. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1373. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1374. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1375. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rpcrt4.dll
1376. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1377. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1378. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1379. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1380. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1381. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1382. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1383. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1384. 12f0.1a68: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1385. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll)
1386. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1387. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1388. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1389. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1390. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1391. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1392. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1393. 12f0.1a68: supR3HardenedDllNotificationCallback: load 000000006a920000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1394. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1395. 12f0.1a68: supR3HardenedDllNotificationCallback: load 0000000069da0000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1396. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1397. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff97c820000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
1398. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
1399. 12f0.1a68: supR3HardenedDllNotificationCallback: load 00007ff962280000 LB 0x005e9000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1400. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1401. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1402. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1403. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1404. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1405. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1406. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1407. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1408. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1409. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1410. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1411. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1412. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1413. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1414. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1415. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1416. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1417. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1418. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1419. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1420. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1421. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1422. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1423. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1424. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1425. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1426. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1427. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1428. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1429. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1430. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1431. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1432. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1433. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1434. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1435. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1436. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1437. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1438. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1439. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1440. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1441. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1442. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1443. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1444. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1445. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1446. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1447. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1448. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1449. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1450. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1451. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1452. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1453. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1454. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1455. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1456. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1457. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1458. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1459. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1460. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1461. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1462. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1463. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1464. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1465. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1466. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1467. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1468. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1469. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1470. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1471. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1472. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1473. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1474. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1475. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1476. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1477. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1478. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1479. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1480. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1481. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1482. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1483. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1484. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1485. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1486. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1487. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1488. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1489. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1490. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1491. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1492. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1493. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1494. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1495. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1496. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1497. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1498. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1499. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1500. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1501. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1502. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1503. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1504. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1505. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1506. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1507. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1508. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1509. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1510. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1511. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1512. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1513. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1514. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1515. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1516. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1517. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1518. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1519. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1520. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1521. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1522. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1523. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1524. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1525. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1526. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1527. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1528. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1529. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1530. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1531. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1532. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1533. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1534. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1535. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1536. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1537. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1538. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1539. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1540. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1541. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1542. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1543. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1544. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1545. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1546. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1547. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1548. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1549. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1550. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1551. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1552. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1553. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1554. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1555. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1556. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1557. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1558. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1559. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1560. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1561. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1562. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VBoxRT.dll
1563. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1564. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1565. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1566. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1567. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1568. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1569. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1570. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1571. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1572. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1573. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1574. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1575. 12f0.1a68: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1576. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1577. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff962280000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1578. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1579. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll'
1580. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\wintrust.dll
1581. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1582. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97af30000 'C:\WINDOWS\system32\Wintrust.dll'
1583. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\rsaenh.dll
1584. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1585. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1586. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1587. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1588. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1589. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\system32\crypt32.dll'
1590. 12f0.1a68: SUPR3HardenedMain: Load TrustedMain...
1591. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1592. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1593. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1594. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1595. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1596. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1597. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1598. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1599. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1600. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1601. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1602. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1603. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1604. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1605. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1606. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1607. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1608. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1609. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1610. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1611. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
1612. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1613. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\winmm.dll) WinVerifyTrust
1614. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\winmm.dll
1615. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1616. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1617. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1618. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1619. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
1620. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
1621. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
1622. 12f0.1a68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'.
1623. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1624. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\winmmbase.dll)
1625. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\winmmbase.dll
1626. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1627. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1628. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
1629. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1630. 12f0.1a68: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\crypt32.dll
1631. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1632. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1633. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1634. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
1635. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
1636. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\oleaut32.dll) WinVerifyTrust
1637. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
1638. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1639. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1640. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1641. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1642. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1643. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1644. 12f0.1a68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\combase.dll'.
1645. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1646. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #46 'bcryptprimitives.dll'.
1647. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\combase.dll)
1648. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\combase.dll
1649. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1650. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1651. 12f0.1a68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'.
1652. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll)
1653. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\msvcp_win.dll
1654. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
1655. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
1656. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\bcryptprimitives.dll
1657. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1658. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1659. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1660. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1661. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
1662. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
1663. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
1664. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
1665. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\ole32.dll) WinVerifyTrust
1666. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\ole32.dll
1667. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1668. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1669. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1670. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume8\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1671. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\combase.dll [lacks WinVerifyTrust]
1672. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1673. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1674. 12f0.1a68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\user32.dll'.
1675. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1676. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1677. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\user32.dll)
1678. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\user32.dll
1679. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1680. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1681. 12f0.1a68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'.
1682. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
1683. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\gdi32.dll)
1684. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\gdi32.dll
1685. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1686. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1687. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1688. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1689. 12f0.1a68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\win32u.dll'.
1690. 12f0.1a68: '\Device\HarddiskVolume8\Windows\System32\win32u.dll' has no imports
1691. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\win32u.dll)
1692. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\win32u.dll
1693. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1694. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1695. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1696. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1697. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1698. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1699. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1700. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1701. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1702. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1703. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\user32.dll) WinVerifyTrust
1704. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1705. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1706. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1707. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1708. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1709. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1710. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume8\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1711. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1712. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1713. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1714. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1715. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1716. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1717. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1718. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1719. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1720. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1721. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1722. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1723. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1724. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1725. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1726. 12f0.1a68: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
1727. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1728. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1729. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1730. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1731. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1732. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1733. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1734. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1735. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
1736. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1737. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1738. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1739. 12f0.1a68: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
1740. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1741. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1742. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1743. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1744. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1745. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1746. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1747. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
1748. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1749. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1750. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1751. 12f0.1a68: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1752. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1753. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1754. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1755. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1756. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1757. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1758. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1759. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
1760. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1761. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1762. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1763. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1764. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1765. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1766. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1767. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1768. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1769. 12f0.1a68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\shell32.dll'.
1770. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
1771. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
1772. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\shell32.dll)
1773. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\shell32.dll
1774. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1775. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1776. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1777. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1778. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1779. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1780. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1781. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1782. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1783. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1784. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1785. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1786. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1787. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1788. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1789. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1790. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1791. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1792. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1793. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1794. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1795. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1796. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1797. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1798. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1799. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1800. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1801. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1802. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1803. 12f0.1a68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\opengl32.dll'.
1804. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1805. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1806. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1807. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1808. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
1809. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\opengl32.dll)
1810. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\opengl32.dll
1811. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1812. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1813. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
1814. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1815. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1816. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1817. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1818. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1819. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1820. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1821. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume8\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1822. 12f0.1a68: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume8\Windows\System32\mpr.dll'.
1823. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Windows\System32\mpr.dll)
1824. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\mpr.dll
1825. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1826. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1827. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ws2_32.dll
1828. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1829. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1830. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
1831. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1832. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1833. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
1834. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1835. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1836. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1837. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1838. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1839. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1840. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1841. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume8\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1842. 12f0.1a68: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume8\Windows\System32\glu32.dll'.
1843. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1844. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1845. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
1846. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume8\Windows\System32\glu32.dll)
1847. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Windows\System32\glu32.dll
1848. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1849. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1850. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1851. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1852. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1853. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1854. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1855. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1856. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
1857. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1858. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1859. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
1860. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1861. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1862. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1863. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1864. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1865. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1866. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1867. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1868. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1869. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1870. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1871. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1872. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1873. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume8\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1874. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\msvcrt.dll
1875. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1876. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1877. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1878. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1879. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1880. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1881. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1882. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1883. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1884. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1885. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1886. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
1887. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1888. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1889. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1890. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1891. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1892. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1893. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1894. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume8\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1895. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1896. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1897. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1898. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1899. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1900. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1901. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1902. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1903. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1904. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [lacks WinVerifyTrust]
1905. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1906. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1907. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1908. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1909. 12f0.1a68: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
1910. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1911. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1912. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
1913. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1914. 12f0.1a68: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
1915. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1916. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1917. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll
1918. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1919. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1920. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcp100.dll
1921. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1922. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1923. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1924. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1925. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1926. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1927. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1928. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1929. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1930. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1931. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1932. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1933. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1934. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1935. 12f0.1a68: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1936. 12f0.1a68: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
1937. 12f0.1a68: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\UICommon.dll
1938. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1939. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume8\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1940. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1941. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004f8 pwszName=\Device\HarddiskVolume8\Windows\System32\opengl32.dll
1942. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000120d6b0
1943. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120d6b0
1944. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
1945. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
1946. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000120d530
1947. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120d530
1948. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
1949. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1950. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000120d9b0
1951. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120d9b0
1952. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=6622493BDCECA5422FCE0B921D6626202D89C04B3EFCC5A76BF19A9905D8BD33
1953. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
1954. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
1955. 12f0.1a68: supR3HardenedScreenImage/Imports: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\opengl32.dll'
1956. 12f0.1a68: Error (rc=0):
1957. 12f0.1a68: supR3HardenedScreenImage/Imports: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x0 fAccess=0x0 cHits=2 \Device\HarddiskVolume8\Windows\System32\opengl32.dll
1958. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1959. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume8\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1960. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1961. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume8\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1962. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\oleaut32.dll
1963. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1964. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume8\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1965. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\ole32.dll
1966. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1967. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume8\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1968. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\advapi32.dll
1969. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1970. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume8\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1971. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Windows\System32\user32.dll [redoing WinVerifyTrust]
1972. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1973. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
1974. 12f0.1a68: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\user32.dll'
1975. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1976. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1977. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [redoing WinVerifyTrust]
1978. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
1979. 12f0.1a68: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
1980. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1981. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1982. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1983. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1984. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1985. 12f0.1a68: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1986. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1987. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1988. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1989. 12f0.1a68: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1990. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1991. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume8\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1992. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status -22900 (0xffffa68c)) on \Device\HarddiskVolume8\Windows\System32\opengl32.dll
1993. 12f0.1a68: Error (rc=0):
1994. 12f0.1a68: supR3HardenedScreenImage/NtCreateSection: cached rc=Unknown Status -22900 (0xffffa68c) fImage=1 fProtect=0x10 fAccess=0xd cHits=3 \Device\HarddiskVolume8\Windows\System32\opengl32.dll
1995. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000190 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
1996. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000004fc pwszName=\Device\HarddiskVolume8\Windows\System32\glu32.dll
1997. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000120d530
1998. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120d530
1999. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
2000. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
2001. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000120cf30
2002. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120cf30
2003. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
2004. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
2005. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 000000000120d9b0
2006. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120d9b0
2007. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=41D97903DE3C10BFE43059393A6DD1DB671F42BFA9627D4C98589CCC6ADA69C2
2008. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: Retrying with fresh context (CryptCATAdminEnumCatalogFromHash -> 1168; iCat=0x0)
2009. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: New context 000000000120d3b0
2010. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=000000000120d3b0
2011. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=32 wszDigest=41D97903DE3C10BFE43059393A6DD1DB671F42BFA9627D4C98589CCC6ADA69C2
2012. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile: CryptCATAdminEnumCatalogFromHash failed ERROR_NOT_FOUND (1168)
2013. 12f0.1a68: supR3HardNtViCallWinVerifyTrustCatFile -> -22900 (org 22900)
2014. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: -22900 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\glu32.dll'
2015. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
2016. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
2017. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\mpr.dll'
2018. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
2019. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
2020. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\shell32.dll'
2021. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
2022. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
2023. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\win32u.dll'
2024. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
2025. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
2026. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\gdi32.dll'
2027. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
2028. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
2029. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\msvcp_win.dll'
2030. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
2031. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
2032. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\combase.dll'
2033. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff979d20000 'C:\WINDOWS\system32\rsaenh.dll'
2034. 12f0.1a68: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff97b830000 'C:\WINDOWS\System32\crypt32.dll'
2035. 12f0.1a68: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume8\Windows\System32\winmmbase.dll'
2036. 12f0.1a68: Fatal error:
2037. 12f0.1a68: supR3HardenedMainGetTrustedMain: LoadLibrary "C:\Program Files\Oracle\VirtualBox/VirtualBoxVM.dll" failed, rc=1790
2038. 5c8.7c4: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 1440 ms, the end);
2039. 2e14.3218: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0x1 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 2153 ms, the end);