VBoxHardening Ubuntu 27/07/2020

1. 2d4c.2520: Log file opened: 6.1.12r139181 g_hStartupLog=0000000000000074 g_uNtVerCombined=0xa047ba00
2. 2d4c.2520: \SystemRoot\System32\ntdll.dll:
3. 2d4c.2520: CreationTime: 2020-05-12T23:42:09.460157100Z
4. 2d4c.2520: LastWriteTime: 2020-05-12T23:42:09.585159900Z
5. 2d4c.2520: ChangeTime: 2020-07-16T03:15:51.534616800Z
6. 2d4c.2520: FileAttributes: 0x20
7. 2d4c.2520: Size: 0x1e8460
8. 2d4c.2520: NT Headers: 0xd8
9. 2d4c.2520: Timestamp: 0xb29ecf52
10. 2d4c.2520: Machine: 0x8664 - amd64
11. 2d4c.2520: Timestamp: 0xb29ecf52
12. 2d4c.2520: Image Version: 10.0
13. 2d4c.2520: SizeOfImage: 0x1f0000 (2031616)
14. 2d4c.2520: Resource Dir: 0x17f000 LB 0x6f310
15. 2d4c.2520: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
16. 2d4c.2520: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
17. 2d4c.2520: ProductName: Microsoft® Windows® Operating System
18. 2d4c.2520: ProductVersion: 10.0.18362.815
19. 2d4c.2520: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
20. 2d4c.2520: FileDescription: NT Layer DLL
21. 2d4c.2520: \SystemRoot\System32\kernel32.dll:
22. 2d4c.2520: CreationTime: 2020-07-16T03:11:30.388107800Z
23. 2d4c.2520: LastWriteTime: 2020-07-16T03:11:30.481858000Z
24. 2d4c.2520: ChangeTime: 2020-07-16T05:40:05.555950800Z
25. 2d4c.2520: FileAttributes: 0x20
26. 2d4c.2520: Size: 0xb0498
27. 2d4c.2520: NT Headers: 0xe8
28. 2d4c.2520: Timestamp: 0xce6bbd73
29. 2d4c.2520: Machine: 0x8664 - amd64
30. 2d4c.2520: Timestamp: 0xce6bbd73
31. 2d4c.2520: Image Version: 10.0
32. 2d4c.2520: SizeOfImage: 0xb2000 (729088)
33. 2d4c.2520: Resource Dir: 0xb0000 LB 0x520
34. 2d4c.2520: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
35. 2d4c.2520: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
36. 2d4c.2520: ProductName: Microsoft® Windows® Operating System
37. 2d4c.2520: ProductVersion: 10.0.18362.959
38. 2d4c.2520: FileVersion: 10.0.18362.959 (WinBuild.160101.0800)
39. 2d4c.2520: FileDescription: Windows NT BASE API Client DLL
40. 2d4c.2520: \SystemRoot\System32\KernelBase.dll:
41. 2d4c.2520: CreationTime: 2020-07-16T03:11:57.648343900Z
42. 2d4c.2520: LastWriteTime: 2020-07-16T03:11:57.757726100Z
43. 2d4c.2520: ChangeTime: 2020-07-16T05:40:15.009130300Z
44. 2d4c.2520: FileAttributes: 0x20
45. 2d4c.2520: Size: 0x2a4058
46. 2d4c.2520: NT Headers: 0xf8
47. 2d4c.2520: Timestamp: 0x7b90c1b5
48. 2d4c.2520: Machine: 0x8664 - amd64
49. 2d4c.2520: Timestamp: 0x7b90c1b5
50. 2d4c.2520: Image Version: 10.0
51. 2d4c.2520: SizeOfImage: 0x2a4000 (2768896)
52. 2d4c.2520: Resource Dir: 0x27e000 LB 0x548
53. 2d4c.2520: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
54. 2d4c.2520: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
55. 2d4c.2520: ProductName: Microsoft® Windows® Operating System
56. 2d4c.2520: ProductVersion: 10.0.18362.959
57. 2d4c.2520: FileVersion: 10.0.18362.959 (WinBuild.160101.0800)
58. 2d4c.2520: FileDescription: Windows NT BASE API Client DLL
59. 2d4c.2520: \SystemRoot\System32\apisetschema.dll:
60. 2d4c.2520: CreationTime: 2019-03-19T04:43:54.837151500Z
61. 2d4c.2520: LastWriteTime: 2019-03-19T04:43:54.837151500Z
62. 2d4c.2520: ChangeTime: 2020-07-16T03:15:40.635835200Z
63. 2d4c.2520: FileAttributes: 0x20
64. 2d4c.2520: Size: 0x1d028
65. 2d4c.2520: NT Headers: 0xc8
66. 2d4c.2520: Timestamp: 0xd6ced080
67. 2d4c.2520: Machine: 0x8664 - amd64
68. 2d4c.2520: Timestamp: 0xd6ced080
69. 2d4c.2520: Image Version: 10.0
70. 2d4c.2520: SizeOfImage: 0x1e000 (122880)
71. 2d4c.2520: Resource Dir: 0x1d000 LB 0x408
72. 2d4c.2520: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
73. 2d4c.2520: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
74. 2d4c.2520: ProductName: Microsoft® Windows® Operating System
75. 2d4c.2520: ProductVersion: 10.0.18362.1
76. 2d4c.2520: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
77. 2d4c.2520: FileDescription: ApiSet Schema DLL
78. 2d4c.2520: NtOpenDirectoryObject failed on \Driver: 0xc0000022
79. 2d4c.2520: supR3HardenedWinFindAdversaries: 0x0
80. 2d4c.2520: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
81. 2d4c.2520: Calling main()
82. 2d4c.2520: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
83. 2d4c.2520: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
84. 2d4c.2520: SUPR3HardenedMain: Respawn #1
85. 2d4c.2520: System32: \Device\HarddiskVolume2\Windows\System32
86. 2d4c.2520: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
87. 2d4c.2520: KnownDllPath: C:\WINDOWS\System32
88. 2d4c.2520: supR3HardenedWinInit: Performing a limited self purification...
89. 2d4c.2520: supHardNtVpScanVirtualMemory: enmKind=SELF_PURIFICATION
90. 2d4c.2520: *0000000000000000-00000000007cffff 0x0001/0x0000 0x0000000
91. 2d4c.2520: *00000000007d0000-00000000007dffff 0x0004/0x0004 0x0040000
92. 2d4c.2520: 00000000007e0000-00000000007effff 0x0001/0x0000 0x0000000
93. 2d4c.2520: *00000000007f0000-00000000007f3fff 0x0002/0x0002 0x0040000
94. 2d4c.2520: 00000000007f4000-00000000007fffff 0x0001/0x0000 0x0000000
95. 2d4c.2520: *0000000000800000-000000000083efff 0x0000/0x0004 0x0020000
96. 2d4c.2520: 000000000083f000-0000000000841fff 0x0004/0x0004 0x0020000
97. 2d4c.2520: 0000000000842000-00000000009fffff 0x0000/0x0004 0x0020000
98. 2d4c.2520: *0000000000a00000-0000000000a1afff 0x0002/0x0002 0x0040000
99. 2d4c.2520: 0000000000a1b000-0000000000a1ffff 0x0001/0x0000 0x0000000
100. 2d4c.2520: *0000000000a20000-0000000000ad8fff 0x0000/0x0004 0x0020000
101. 2d4c.2520: 0000000000ad9000-0000000000adbfff 0x0104/0x0004 0x0020000
102. 2d4c.2520: 0000000000adc000-0000000000b1ffff 0x0004/0x0004 0x0020000
103. 2d4c.2520: *0000000000b20000-0000000000b21fff 0x0004/0x0004 0x0020000
104. 2d4c.2520: 0000000000b22000-0000000000b2ffff 0x0001/0x0000 0x0000000
105. 2d4c.2520: *0000000000b30000-0000000000bf6fff 0x0002/0x0002 0x0040000
106. 2d4c.2520: 0000000000bf7000-0000000000bfffff 0x0001/0x0000 0x0000000
107. 2d4c.2520: *0000000000c00000-0000000000c01fff 0x0004/0x0004 0x0020000
108. 2d4c.2520: 0000000000c02000-0000000000c19fff 0x0000/0x0004 0x0020000
109. 2d4c.2520: 0000000000c1a000-0000000000c2ffff 0x0001/0x0000 0x0000000
110. 2d4c.2520: *0000000000c30000-0000000000c3efff 0x0004/0x0004 0x0020000
111. 2d4c.2520: 0000000000c3f000-0000000000c3ffff 0x0000/0x0004 0x0020000
112. 2d4c.2520: 0000000000c40000-0000000000caffff 0x0001/0x0000 0x0000000
113. 2d4c.2520: *0000000000cb0000-0000000000cb4fff 0x0004/0x0004 0x0020000
114. 2d4c.2520: 0000000000cb5000-0000000000daffff 0x0000/0x0004 0x0020000
115. 2d4c.2520: *0000000000db0000-0000000000db6fff 0x0000/0x0004 0x0020000
116. 2d4c.2520: 0000000000db7000-0000000000fa7fff 0x0004/0x0004 0x0020000
117. 2d4c.2520: 0000000000fa8000-0000000000fa8fff 0x0000/0x0004 0x0020000
118. 2d4c.2520: 0000000000fa9000-0000000000faffff 0x0001/0x0000 0x0000000
119. 2d4c.2520: *0000000000fb0000-0000000000fccfff 0x0004/0x0004 0x0020000
120. 2d4c.2520: 0000000000fcd000-00000000010affff 0x0000/0x0004 0x0020000
121. 2d4c.2520: 00000000010b0000-000000007ffdffff 0x0001/0x0000 0x0000000
122. 2d4c.2520: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
123. 2d4c.2520: 000000007ffe1000-000000007ffe9fff 0x0001/0x0000 0x0000000
124. 2d4c.2520: *000000007ffea000-000000007ffeafff 0x0002/0x0002 0x0020000
125. 2d4c.2520: 000000007ffeb000-00007ff4f98affff 0x0001/0x0000 0x0000000
126. 2d4c.2520: *00007ff4f98b0000-00007ff4f98b4fff 0x0002/0x0002 0x0040000
127. 2d4c.2520: 00007ff4f98b5000-00007ff4f99affff 0x0000/0x0002 0x0040000
128. 2d4c.2520: *00007ff4f99b0000-00007ff5f99cffff 0x0000/0x0004 0x0020000
129. 2d4c.2520: *00007ff5f99d0000-00007ff5fb9cffff 0x0000/0x0004 0x0020000
130. 2d4c.2520: 00007ff5fb9d0000-00007ff5fb9d0fff 0x0004/0x0004 0x0020000
131. 2d4c.2520: 00007ff5fb9d1000-00007ff5fb9dffff 0x0001/0x0000 0x0000000
132. 2d4c.2520: *00007ff5fb9e0000-00007ff5fb9e0fff 0x0002/0x0002 0x0040000
133. 2d4c.2520: 00007ff5fb9e1000-00007ff5fb9effff 0x0001/0x0000 0x0000000
134. 2d4c.2520: *00007ff5fb9f0000-00007ff5fba12fff 0x0002/0x0002 0x0040000
135. 2d4c.2520: 00007ff5fba13000-00007ff66026ffff 0x0001/0x0000 0x0000000
136. 2d4c.2520: *00007ff660270000-00007ff660270fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
137. 2d4c.2520: 00007ff660271000-00007ff6602e6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
138. 2d4c.2520: 00007ff6602e7000-00007ff6602e7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
139. 2d4c.2520: 00007ff6602e8000-00007ff66032ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
140. 2d4c.2520: 00007ff660330000-00007ff660332fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
141. 2d4c.2520: 00007ff660333000-00007ff660335fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
142. 2d4c.2520: 00007ff660336000-00007ff660338fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
143. 2d4c.2520: 00007ff660339000-00007ff660339fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
144. 2d4c.2520: 00007ff66033a000-00007ff66033bfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
145. 2d4c.2520: 00007ff66033c000-00007ff66033cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
146. 2d4c.2520: 00007ff66033d000-00007ff660385fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
147. 2d4c.2520: 00007ff660386000-00007ffa2741ffff 0x0001/0x0000 0x0000000
148. 2d4c.2520: *00007ffa27420000-00007ffa27420fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
149. 2d4c.2520: 00007ffa27421000-00007ffa27525fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
150. 2d4c.2520: 00007ffa27526000-00007ffa27688fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
151. 2d4c.2520: 00007ffa27689000-00007ffa2768cfff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
152. 2d4c.2520: 00007ffa2768d000-00007ffa2768dfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
153. 2d4c.2520: 00007ffa2768e000-00007ffa276c3fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
154. 2d4c.2520: 00007ffa276c4000-00007ffa2970ffff 0x0001/0x0000 0x0000000
155. 2d4c.2520: *00007ffa29710000-00007ffa29710fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
156. 2d4c.2520: 00007ffa29711000-00007ffa29785fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
157. 2d4c.2520: 00007ffa29786000-00007ffa297b7fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
158. 2d4c.2520: 00007ffa297b8000-00007ffa297b8fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
159. 2d4c.2520: 00007ffa297b9000-00007ffa297b9fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
160. 2d4c.2520: 00007ffa297ba000-00007ffa297c1fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\kernel32.dll
161. 2d4c.2520: 00007ffa297c2000-00007ffa29a3ffff 0x0001/0x0000 0x0000000
162. 2d4c.2520: *00007ffa29a40000-00007ffa29a40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
163. 2d4c.2520: 00007ffa29a41000-00007ffa29b57fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
164. 2d4c.2520: 00007ffa29b58000-00007ffa29b9efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
165. 2d4c.2520: 00007ffa29b9f000-00007ffa29b9ffff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
166. 2d4c.2520: 00007ffa29ba0000-00007ffa29ba1fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
167. 2d4c.2520: 00007ffa29ba2000-00007ffa29baafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
168. 2d4c.2520: 00007ffa29bab000-00007ffa29c2ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
169. 2d4c.2520: 00007ffa29c30000-00007ffffffeffff 0x0001/0x0000 0x0000000
170. 2d4c.2520: kernel32.dll: timestamp 0xce6bbd73 (rc=VINF_SUCCESS)
171. 2d4c.2520: kernelbase.dll: timestamp 0x7b90c1b5 (rc=VINF_SUCCESS)
172. 2d4c.2520: VirtualBoxVM.exe: timestamp 0x5f08d7bc (rc=VINF_SUCCESS)
173. 2d4c.2520: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
174. 2d4c.2520: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
175. 2d4c.2520: supR3HardenedWinInit: SUPHARDNTVPKIND_SELF_PURIFICATION_LIMITED -> VINF_SUCCESS, cFixes=0
176. 2d4c.2520: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
177. 2d4c.2520: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
178. 2d4c.2520: supR3HardNtEnableThreadCreationEx:
179. 2d4c.2520: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa29ab1770 pvNtTerminateThread=00007ffa29adcac0
180. 2d4c.2520: supR3HardenedWinDoReSpawn(1): New child 2a04.335c [kernel32].
181. 2d4c.2520: supR3HardNtChildGatherData: PebBaseAddress=00000000006c1000 cbPeb=0x388
182. 2d4c.2520: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffa29a40000 uNtDllChildAddr=00007ffa29a40000
183. 2d4c.2520: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffa29ab1770
184. 2d4c.2520: supR3HardenedWinSetupChildInit: Initial context:
185. rax=0000000000000000 rbx=0000000000000000 rcx=00007ff660277900 rdx=00000000006c1000
186. rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
187. r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
188. r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
189. rip=00007ffa29aace30 rsp=00000000008ffc48 rbp=0000000000000000 ctxflags=0010001b
190. cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
191. P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
192. dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
193. dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
194. lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
195. 2d4c.2520: supR3HardenedWinSetupChildInit: Start child.
196. 2d4c.2520: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
197. 2d4c.2520: supR3HardNtChildPurify: Startup delay kludge #1/0: 261 ms, 18 sleeps
198. 2d4c.2520: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
199. 2d4c.2520: *0000000000000000-000000000052ffff 0x0001/0x0000 0x0000000
200. 2d4c.2520: *0000000000530000-000000000054ffff 0x0004/0x0004 0x0020000
201. 2d4c.2520: *0000000000550000-000000000056afff 0x0002/0x0002 0x0040000
202. 2d4c.2520: 000000000056b000-000000000056ffff 0x0001/0x0000 0x0000000
203. 2d4c.2520: *0000000000570000-0000000000573fff 0x0002/0x0002 0x0040000
204. 2d4c.2520: 0000000000574000-000000000057ffff 0x0001/0x0000 0x0000000
205. 2d4c.2520: *0000000000580000-0000000000581fff 0x0004/0x0004 0x0020000
206. 2d4c.2520: 0000000000582000-00000000005fffff 0x0001/0x0000 0x0000000
207. 2d4c.2520: *0000000000600000-00000000006c0fff 0x0000/0x0004 0x0020000
208. 2d4c.2520: 00000000006c1000-00000000006c3fff 0x0004/0x0004 0x0020000
209. 2d4c.2520: 00000000006c4000-00000000007fffff 0x0000/0x0004 0x0020000
210. 2d4c.2520: *0000000000800000-00000000008fafff 0x0000/0x0004 0x0020000
211. 2d4c.2520: 00000000008fb000-00000000008fdfff 0x0104/0x0004 0x0020000
212. 2d4c.2520: 00000000008fe000-00000000008fffff 0x0004/0x0004 0x0020000
213. 2d4c.2520: 0000000000900000-000000007ffdffff 0x0001/0x0000 0x0000000
214. 2d4c.2520: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
215. 2d4c.2520: 000000007ffe1000-000000007ffe9fff 0x0001/0x0000 0x0000000
216. 2d4c.2520: *000000007ffea000-000000007ffeafff 0x0002/0x0002 0x0020000
217. 2d4c.2520: 000000007ffeb000-00007ff5aa4effff 0x0001/0x0000 0x0000000
218. 2d4c.2520: *00007ff5aa4f0000-00007ff5aa4f0fff 0x0002/0x0002 0x0040000
219. 2d4c.2520: 00007ff5aa4f1000-00007ff5aa4fffff 0x0001/0x0000 0x0000000
220. 2d4c.2520: *00007ff5aa500000-00007ff5aa522fff 0x0002/0x0002 0x0040000
221. 2d4c.2520: 00007ff5aa523000-00007ff66026ffff 0x0001/0x0000 0x0000000
222. 2d4c.2520: *00007ff660270000-00007ff660270fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
223. 2d4c.2520: 00007ff660271000-00007ff6602e6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
224. 2d4c.2520: 00007ff6602e7000-00007ff6602e7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
225. 2d4c.2520: 00007ff6602e8000-00007ff66032ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
226. 2d4c.2520: 00007ff660330000-00007ff660330fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
227. 2d4c.2520: 00007ff660331000-00007ff660331fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
228. 2d4c.2520: 00007ff660332000-00007ff660336fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
229. 2d4c.2520: 00007ff660337000-00007ff660337fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
230. 2d4c.2520: 00007ff660338000-00007ff660338fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
231. 2d4c.2520: 00007ff660339000-00007ff66033cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
232. 2d4c.2520: 00007ff66033d000-00007ff660385fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
233. 2d4c.2520: 00007ff660386000-00007ffa29a3ffff 0x0001/0x0000 0x0000000
234. 2d4c.2520: *00007ffa29a40000-00007ffa29a40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
235. 2d4c.2520: 00007ffa29a41000-00007ffa29b57fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
236. 2d4c.2520: 00007ffa29b58000-00007ffa29b9efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
237. 2d4c.2520: 00007ffa29b9f000-00007ffa29baafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
238. 2d4c.2520: 00007ffa29bab000-00007ffa29bb9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
239. 2d4c.2520: 00007ffa29bba000-00007ffa29bbafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
240. 2d4c.2520: 00007ffa29bbb000-00007ffa29bbdfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
241. 2d4c.2520: 00007ffa29bbe000-00007ffa29c2ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
242. 2d4c.2520: 00007ffa29c30000-00007ffffffeffff 0x0001/0x0000 0x0000000
243. 2d4c.2520: supR3HardNtChildPurify: Done after 266 ms and 0 fixes (loop #0).
244. 2a04.335c: Log file opened: 6.1.12r139181 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
245. 2a04.335c: supR3HardenedVmProcessInit: uNtDllAddr=00007ffa29a40000 g_uNtVerCombined=0xa047ba00 (stack ~00000000008ff6d8)
246. 2a04.335c: ntdll.dll: timestamp 0xb29ecf52 (rc=VINF_SUCCESS)
247. 2a04.335c: New simple heap: #1 0000000000a00000 LB 0x400000 (for 2031616 allocation)
248. 2d4c.2520: supR3HardNtEnableThreadCreationEx:
249. 2a04.335c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
250. 2a04.335c: System32: \Device\HarddiskVolume2\Windows\System32
251. 2a04.335c: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
252. 2a04.335c: KnownDllPath: C:\WINDOWS\System32
253. 2a04.335c: supR3HardenedVmProcessInit: Opening vboxdrv stub...
254. 2a04.335c: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
255. 2a04.335c: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
256. 2a04.335c: Registered Dll notification callback with NTDLL.
257. 2a04.335c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
258. 2a04.335c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
259. 2a04.335c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
260. 2a04.335c: supR3HardenedDllNotificationCallback: load 00007ffa27420000 LB 0x002a4000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
261. 2a04.335c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
262. 2a04.335c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
263. 2a04.335c: supR3HardenedDllNotificationCallback: load 00007ffa29710000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
264. 2a04.335c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
265. 2a04.335c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29710000 'C:\WINDOWS\System32\KERNEL32.DLL'
266. 2a04.335c: supR3HardenedDllNotificationCallback: load 00007ff660270000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
267. 2a04.335c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
268. 2a04.335c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
269. 2a04.335c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
270. 2a04.335c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa29ab1770 pvNtTerminateThread=00007ffa29adcac0
271. 2d4c.2520: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 80 ms.
272. 2a04.335c: \SystemRoot\System32\ntdll.dll:
273. 2a04.335c: CreationTime: 2020-05-12T23:42:09.460157100Z
274. 2a04.335c: LastWriteTime: 2020-05-12T23:42:09.585159900Z
275. 2a04.335c: ChangeTime: 2020-07-16T03:15:51.534616800Z
276. 2a04.335c: FileAttributes: 0x20
277. 2a04.335c: Size: 0x1e8460
278. 2a04.335c: NT Headers: 0xd8
279. 2a04.335c: Timestamp: 0xb29ecf52
280. 2a04.335c: Machine: 0x8664 - amd64
281. 2a04.335c: Timestamp: 0xb29ecf52
282. 2a04.335c: Image Version: 10.0
283. 2a04.335c: SizeOfImage: 0x1f0000 (2031616)
284. 2a04.335c: Resource Dir: 0x17f000 LB 0x6f310
285. 2a04.335c: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
286. 2a04.335c: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
287. 2a04.335c: ProductName: Microsoft® Windows® Operating System
288. 2a04.335c: ProductVersion: 10.0.18362.815
289. 2a04.335c: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
290. 2a04.335c: FileDescription: NT Layer DLL
291. 2a04.335c: \SystemRoot\System32\kernel32.dll:
292. 2a04.335c: CreationTime: 2020-07-16T03:11:30.388107800Z
293. 2a04.335c: LastWriteTime: 2020-07-16T03:11:30.481858000Z
294. 2a04.335c: ChangeTime: 2020-07-16T05:40:05.555950800Z
295. 2a04.335c: FileAttributes: 0x20
296. 2a04.335c: Size: 0xb0498
297. 2a04.335c: NT Headers: 0xe8
298. 2a04.335c: Timestamp: 0xce6bbd73
299. 2a04.335c: Machine: 0x8664 - amd64
300. 2a04.335c: Timestamp: 0xce6bbd73
301. 2a04.335c: Image Version: 10.0
302. 2a04.335c: SizeOfImage: 0xb2000 (729088)
303. 2a04.335c: Resource Dir: 0xb0000 LB 0x520
304. 2a04.335c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
305. 2a04.335c: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
306. 2a04.335c: ProductName: Microsoft® Windows® Operating System
307. 2a04.335c: ProductVersion: 10.0.18362.959
308. 2a04.335c: FileVersion: 10.0.18362.959 (WinBuild.160101.0800)
309. 2a04.335c: FileDescription: Windows NT BASE API Client DLL
310. 2a04.335c: \SystemRoot\System32\KernelBase.dll:
311. 2a04.335c: CreationTime: 2020-07-16T03:11:57.648343900Z
312. 2a04.335c: LastWriteTime: 2020-07-16T03:11:57.757726100Z
313. 2a04.335c: ChangeTime: 2020-07-16T05:40:15.009130300Z
314. 2a04.335c: FileAttributes: 0x20
315. 2a04.335c: Size: 0x2a4058
316. 2a04.335c: NT Headers: 0xf8
317. 2a04.335c: Timestamp: 0x7b90c1b5
318. 2a04.335c: Machine: 0x8664 - amd64
319. 2a04.335c: Timestamp: 0x7b90c1b5
320. 2a04.335c: Image Version: 10.0
321. 2a04.335c: SizeOfImage: 0x2a4000 (2768896)
322. 2a04.335c: Resource Dir: 0x27e000 LB 0x548
323. 2a04.335c: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
324. 2a04.335c: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
325. 2a04.335c: ProductName: Microsoft® Windows® Operating System
326. 2a04.335c: ProductVersion: 10.0.18362.959
327. 2a04.335c: FileVersion: 10.0.18362.959 (WinBuild.160101.0800)
328. 2a04.335c: FileDescription: Windows NT BASE API Client DLL
329. 2a04.335c: \SystemRoot\System32\apisetschema.dll:
330. 2a04.335c: CreationTime: 2019-03-19T04:43:54.837151500Z
331. 2a04.335c: LastWriteTime: 2019-03-19T04:43:54.837151500Z
332. 2a04.335c: ChangeTime: 2020-07-16T03:15:40.635835200Z
333. 2a04.335c: FileAttributes: 0x20
334. 2a04.335c: Size: 0x1d028
335. 2a04.335c: NT Headers: 0xc8
336. 2a04.335c: Timestamp: 0xd6ced080
337. 2a04.335c: Machine: 0x8664 - amd64
338. 2a04.335c: Timestamp: 0xd6ced080
339. 2a04.335c: Image Version: 10.0
340. 2a04.335c: SizeOfImage: 0x1e000 (122880)
341. 2a04.335c: Resource Dir: 0x1d000 LB 0x408
342. 2a04.335c: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
343. 2a04.335c: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
344. 2a04.335c: ProductName: Microsoft® Windows® Operating System
345. 2a04.335c: ProductVersion: 10.0.18362.1
346. 2a04.335c: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
347. 2a04.335c: FileDescription: ApiSet Schema DLL
348. 2a04.335c: NtOpenDirectoryObject failed on \Driver: 0xc0000022
349. 2a04.335c: supR3HardenedWinFindAdversaries: 0x0
350. 2a04.335c: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
351. 2a04.335c: Calling main()
352. 2a04.335c: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
353. 2a04.335c: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
354. 2a04.335c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
355. 2a04.335c: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
356. 2a04.335c: SUPR3HardenedMain: Respawn #2
357. 2a04.335c: supR3HardNtEnableThreadCreationEx:
358. 2a04.335c: supR3HardenedDllNotificationCallback: load 00007ffa28df0000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
359. 2a04.335c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
360. 2a04.335c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
361. 2a04.335c: supR3HardenedDllNotificationCallback: load 00007ffa28f80000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
362. 2a04.335c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
363. 2a04.335c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
364. 2a04.335c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
365. 2a04.335c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
366. 2a04.335c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdll.dll)
367. 2a04.335c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdll.dll
368. 2a04.335c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
369. 2a04.335c: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
370. 2a04.335c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
371. 2a04.335c: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ntdll.dll (Input=ntdll.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
372. 2a04.335c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29a40000 'C:\WINDOWS\System32\ntdll.dll'
373. 2a04.335c: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa29ab1770 pvNtTerminateThread=00007ffa29adcac0
374. 2a04.335c: supR3HardenedWinDoReSpawn(2): New child 31b4.1be4 [kernel32].
375. 2a04.335c: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
376. 2a04.335c: supR3HardNtChildGatherData: PebBaseAddress=00000000007b9000 cbPeb=0x388
377. 2a04.335c: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007ffa29a40000 uNtDllChildAddr=00007ffa29a40000
378. 2a04.335c: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007ffa29ab1770
379. 2a04.335c: supR3HardenedWinSetupChildInit: Initial context:
380. rax=0000000000000000 rbx=0000000000000000 rcx=00007ff660277900 rdx=00000000007b9000
381. rsi=0000000000000000 rdi=0000000000000000 r8 =0000000000000000 r9 =0000000000000000
382. r10=0000000000000000 r11=0000000000000000 r12=0000000000000000 r13=0000000000000000
383. r14=0000000000000000 r15=0000000000000000 P1=0000000000000000 P2=0000000000000000
384. rip=00007ffa29aace30 rsp=00000000005cfcb8 rbp=0000000000000000 ctxflags=0010001b
385. cs=0033 ss=002b ds=0000 es=0000 fs=0000 gs=0000 eflags=00000200 mxcrx=00001f80
386. P3=0000000000000000 P4=0000000000000000 P5=0000000000000000 P6=0000000000000000
387. dr0=0000000000000000 dr1=0000000000000000 dr2=0000000000000000 dr3=0000000000000000
388. dr6=0000000000000000 dr7=0000000000000000 vcr=0000000000000000 dcr=0000000000000000
389. lbt=0000000000000000 lbf=0000000000000000 lxt=0000000000000000 lxf=0000000000000000
390. 2a04.335c: kernel32.dll: timestamp 0xce6bbd73 (rc=VINF_SUCCESS)
391. 2a04.335c: supR3HardenedWinSetupChildInit: Start child.
392. 2a04.335c: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
393. 2a04.335c: supR3HardNtChildPurify: Startup delay kludge #1/0: 262 ms, 30 sleeps
394. 2a04.335c: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
395. 2a04.335c: *0000000000000000-000000000048ffff 0x0001/0x0000 0x0000000
396. 2a04.335c: *0000000000490000-00000000004affff 0x0004/0x0004 0x0020000
397. 2a04.335c: *00000000004b0000-00000000004cafff 0x0002/0x0002 0x0040000
398. 2a04.335c: 00000000004cb000-00000000004cffff 0x0001/0x0000 0x0000000
399. 2a04.335c: *00000000004d0000-00000000005cafff 0x0000/0x0004 0x0020000
400. 2a04.335c: 00000000005cb000-00000000005cdfff 0x0104/0x0004 0x0020000
401. 2a04.335c: 00000000005ce000-00000000005cffff 0x0004/0x0004 0x0020000
402. 2a04.335c: *00000000005d0000-00000000005d3fff 0x0002/0x0002 0x0040000
403. 2a04.335c: 00000000005d4000-00000000005dffff 0x0001/0x0000 0x0000000
404. 2a04.335c: *00000000005e0000-00000000005e1fff 0x0004/0x0004 0x0020000
405. 2a04.335c: 00000000005e2000-00000000005fffff 0x0001/0x0000 0x0000000
406. 2a04.335c: *0000000000600000-00000000007b8fff 0x0000/0x0004 0x0020000
407. 2a04.335c: 00000000007b9000-00000000007bbfff 0x0004/0x0004 0x0020000
408. 2a04.335c: 00000000007bc000-00000000007fffff 0x0000/0x0004 0x0020000
409. 2a04.335c: 0000000000800000-000000007ffdffff 0x0001/0x0000 0x0000000
410. 2a04.335c: *000000007ffe0000-000000007ffe0fff 0x0002/0x0002 0x0020000
411. 2a04.335c: 000000007ffe1000-000000007ffe9fff 0x0001/0x0000 0x0000000
412. 2a04.335c: *000000007ffea000-000000007ffeafff 0x0002/0x0002 0x0020000
413. 2a04.335c: 000000007ffeb000-00007ff59277ffff 0x0001/0x0000 0x0000000
414. 2a04.335c: *00007ff592780000-00007ff592780fff 0x0002/0x0002 0x0040000
415. 2a04.335c: 00007ff592781000-00007ff59278ffff 0x0001/0x0000 0x0000000
416. 2a04.335c: *00007ff592790000-00007ff5927b2fff 0x0002/0x0002 0x0040000
417. 2a04.335c: 00007ff5927b3000-00007ff66026ffff 0x0001/0x0000 0x0000000
418. 2a04.335c: *00007ff660270000-00007ff660270fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
419. 2a04.335c: 00007ff660271000-00007ff6602e6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
420. 2a04.335c: 00007ff6602e7000-00007ff6602e7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
421. 2a04.335c: 00007ff6602e8000-00007ff66032ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
422. 2a04.335c: 00007ff660330000-00007ff660330fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
423. 2a04.335c: 00007ff660331000-00007ff660331fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
424. 2a04.335c: 00007ff660332000-00007ff660336fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
425. 2a04.335c: 00007ff660337000-00007ff660337fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
426. 2a04.335c: 00007ff660338000-00007ff660338fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
427. 2a04.335c: 00007ff660339000-00007ff66033cfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
428. 2a04.335c: 00007ff66033d000-00007ff660385fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
429. 2a04.335c: 00007ff660386000-00007ffa29a3ffff 0x0001/0x0000 0x0000000
430. 2a04.335c: *00007ffa29a40000-00007ffa29a40fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
431. 2a04.335c: 00007ffa29a41000-00007ffa29b57fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
432. 2a04.335c: 00007ffa29b58000-00007ffa29b9efff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
433. 2a04.335c: 00007ffa29b9f000-00007ffa29baafff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
434. 2a04.335c: 00007ffa29bab000-00007ffa29bb9fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
435. 2a04.335c: 00007ffa29bba000-00007ffa29bbafff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
436. 2a04.335c: 00007ffa29bbb000-00007ffa29bbdfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
437. 2a04.335c: 00007ffa29bbe000-00007ffa29c2ffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume2\Windows\System32\ntdll.dll
438. 2a04.335c: 00007ffa29c30000-00007ffffffeffff 0x0001/0x0000 0x0000000
439. 2a04.335c: VirtualBoxVM.exe: timestamp 0x5f08d7bc (rc=VINF_SUCCESS)
440. 2a04.335c: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
441. 2a04.335c: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
442. 2a04.335c: supR3HardNtChildPurify: Done after 291 ms and 0 fixes (loop #0).
443. 31b4.1be4: Log file opened: 6.1.12r139181 g_hStartupLog=0000000000000004 g_uNtVerCombined=0xa047ba00
444. 31b4.1be4: supR3HardenedVmProcessInit: uNtDllAddr=00007ffa29a40000 g_uNtVerCombined=0xa047ba00 (stack ~00000000005cf748)
445. 31b4.1be4: ntdll.dll: timestamp 0xb29ecf52 (rc=VINF_SUCCESS)
446. 31b4.1be4: New simple heap: #1 0000000000900000 LB 0x400000 (for 2031616 allocation)
447. 2a04.335c: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000a00000 LB 0x400000)
448. 2a04.335c: supR3HardNtEnableThreadCreationEx:
449. 31b4.1be4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
450. 31b4.1be4: System32: \Device\HarddiskVolume2\Windows\System32
451. 31b4.1be4: WinSxS: \Device\HarddiskVolume2\Windows\WinSxS
452. 31b4.1be4: KnownDllPath: C:\WINDOWS\System32
453. 31b4.1be4: supR3HardenedVmProcessInit: Opening vboxdrv...
454. 31b4.1be4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
455. 31b4.1be4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
456. 31b4.1be4: Registered Dll notification callback with NTDLL.
457. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel32.dll)
458. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel32.dll
459. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000004001:<flags> [calling]
460. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa27420000 LB 0x002a4000 C:\WINDOWS\System32\KERNELBASE.dll [fFlags=0x0]
461. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\KernelBase.dll)
462. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\KernelBase.dll
463. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa29710000 LB 0x000b2000 C:\WINDOWS\System32\KERNEL32.DLL [fFlags=0x0]
464. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
465. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29710000 'C:\WINDOWS\System32\KERNEL32.DLL'
466. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ff660270000 LB 0x00116000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe [fFlags=0x0]
467. 31b4.1be4: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
468. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
469. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe
470. 31b4.1be4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007ffa29ab1770 pvNtTerminateThread=00007ffa29adcac0
471. 2a04.335c: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 96 ms.
472. 31b4.1be4: \SystemRoot\System32\ntdll.dll:
473. 31b4.1be4: CreationTime: 2020-05-12T23:42:09.460157100Z
474. 31b4.1be4: LastWriteTime: 2020-05-12T23:42:09.585159900Z
475. 31b4.1be4: ChangeTime: 2020-07-16T03:15:51.534616800Z
476. 31b4.1be4: FileAttributes: 0x20
477. 31b4.1be4: Size: 0x1e8460
478. 31b4.1be4: NT Headers: 0xd8
479. 31b4.1be4: Timestamp: 0xb29ecf52
480. 31b4.1be4: Machine: 0x8664 - amd64
481. 31b4.1be4: Timestamp: 0xb29ecf52
482. 31b4.1be4: Image Version: 10.0
483. 31b4.1be4: SizeOfImage: 0x1f0000 (2031616)
484. 31b4.1be4: Resource Dir: 0x17f000 LB 0x6f310
485. 31b4.1be4: [Version info resource found at 0xd8! (ID/Name: 0x1; SubID/SubName: 0x409)]
486. 31b4.1be4: [Raw version resource data: 0x17f0f0 LB 0x380, codepage 0x0 (reserved 0x0)]
487. 31b4.1be4: ProductName: Microsoft® Windows® Operating System
488. 31b4.1be4: ProductVersion: 10.0.18362.815
489. 31b4.1be4: FileVersion: 10.0.18362.815 (WinBuild.160101.0800)
490. 31b4.1be4: FileDescription: NT Layer DLL
491. 31b4.1be4: \SystemRoot\System32\kernel32.dll:
492. 31b4.1be4: CreationTime: 2020-07-16T03:11:30.388107800Z
493. 31b4.1be4: LastWriteTime: 2020-07-16T03:11:30.481858000Z
494. 31b4.1be4: ChangeTime: 2020-07-16T05:40:05.555950800Z
495. 31b4.1be4: FileAttributes: 0x20
496. 31b4.1be4: Size: 0xb0498
497. 31b4.1be4: NT Headers: 0xe8
498. 31b4.1be4: Timestamp: 0xce6bbd73
499. 31b4.1be4: Machine: 0x8664 - amd64
500. 31b4.1be4: Timestamp: 0xce6bbd73
501. 31b4.1be4: Image Version: 10.0
502. 31b4.1be4: SizeOfImage: 0xb2000 (729088)
503. 31b4.1be4: Resource Dir: 0xb0000 LB 0x520
504. 31b4.1be4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
505. 31b4.1be4: [Raw version resource data: 0xb00b0 LB 0x3a4, codepage 0x0 (reserved 0x0)]
506. 31b4.1be4: ProductName: Microsoft® Windows® Operating System
507. 31b4.1be4: ProductVersion: 10.0.18362.959
508. 31b4.1be4: FileVersion: 10.0.18362.959 (WinBuild.160101.0800)
509. 31b4.1be4: FileDescription: Windows NT BASE API Client DLL
510. 31b4.1be4: \SystemRoot\System32\KernelBase.dll:
511. 31b4.1be4: CreationTime: 2020-07-16T03:11:57.648343900Z
512. 31b4.1be4: LastWriteTime: 2020-07-16T03:11:57.757726100Z
513. 31b4.1be4: ChangeTime: 2020-07-16T05:40:15.009130300Z
514. 31b4.1be4: FileAttributes: 0x20
515. 31b4.1be4: Size: 0x2a4058
516. 31b4.1be4: NT Headers: 0xf8
517. 31b4.1be4: Timestamp: 0x7b90c1b5
518. 31b4.1be4: Machine: 0x8664 - amd64
519. 31b4.1be4: Timestamp: 0x7b90c1b5
520. 31b4.1be4: Image Version: 10.0
521. 31b4.1be4: SizeOfImage: 0x2a4000 (2768896)
522. 31b4.1be4: Resource Dir: 0x27e000 LB 0x548
523. 31b4.1be4: [Version info resource found at 0x90! (ID/Name: 0x1; SubID/SubName: 0x409)]
524. 31b4.1be4: [Raw version resource data: 0x27e0b0 LB 0x3bc, codepage 0x0 (reserved 0x0)]
525. 31b4.1be4: ProductName: Microsoft® Windows® Operating System
526. 31b4.1be4: ProductVersion: 10.0.18362.959
527. 31b4.1be4: FileVersion: 10.0.18362.959 (WinBuild.160101.0800)
528. 31b4.1be4: FileDescription: Windows NT BASE API Client DLL
529. 31b4.1be4: \SystemRoot\System32\apisetschema.dll:
530. 31b4.1be4: CreationTime: 2019-03-19T04:43:54.837151500Z
531. 31b4.1be4: LastWriteTime: 2019-03-19T04:43:54.837151500Z
532. 31b4.1be4: ChangeTime: 2020-07-16T03:15:40.635835200Z
533. 31b4.1be4: FileAttributes: 0x20
534. 31b4.1be4: Size: 0x1d028
535. 31b4.1be4: NT Headers: 0xc8
536. 31b4.1be4: Timestamp: 0xd6ced080
537. 31b4.1be4: Machine: 0x8664 - amd64
538. 31b4.1be4: Timestamp: 0xd6ced080
539. 31b4.1be4: Image Version: 10.0
540. 31b4.1be4: SizeOfImage: 0x1e000 (122880)
541. 31b4.1be4: Resource Dir: 0x1d000 LB 0x408
542. 31b4.1be4: [Version info resource found at 0x48! (ID/Name: 0x1; SubID/SubName: 0x409)]
543. 31b4.1be4: [Raw version resource data: 0x1d060 LB 0x3a8, codepage 0x0 (reserved 0x0)]
544. 31b4.1be4: ProductName: Microsoft® Windows® Operating System
545. 31b4.1be4: ProductVersion: 10.0.18362.1
546. 31b4.1be4: FileVersion: 10.0.18362.1 (WinBuild.160101.0800)
547. 31b4.1be4: FileDescription: ApiSet Schema DLL
548. 31b4.1be4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
549. 31b4.1be4: supR3HardenedWinFindAdversaries: 0x0
550. 31b4.1be4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
551. 31b4.1be4: Calling main()
552. 31b4.1be4: SUPR3HardenedMain: pszProgName=VirtualBoxVM fFlags=0x2
553. 31b4.1be4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox'
554. 31b4.1be4: '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe' has no imports
555. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe)
556. 31b4.1be4: SUPR3HardenedMain: Final process, opening VBoxDrv...
557. 31b4.1be4: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000900000 LB 0x400000)
558. 31b4.1be4: supR3HardNtEnableThreadCreationEx:
559. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
560. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
561. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
562. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
563. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa21010000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
564. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
565. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
566. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
567. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa21010000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
568. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
569. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
570. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa21010000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
571. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa21010000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
572. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
573. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msasn1.dll'.
574. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'crypt32.dll'.
575. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
576. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wintrust.dll)
577. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wintrust.dll
578. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
579. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
580. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll)
581. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
582. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
583. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
584. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msasn1.dll'.
585. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\crypt32.dll)
586. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\crypt32.dll
587. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
588. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
589. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msasn1.dll)
590. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msasn1.dll
591. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
592. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
593. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcrt.dll)
594. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
595. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
596. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume2\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
597. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
598. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
599. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa294b0000 LB 0x0009e000 C:\WINDOWS\System32\msvcrt.dll [fFlags=0x0]
600. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
601. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa269a0000 LB 0x00012000 C:\WINDOWS\System32\MSASN1.dll [fFlags=0x0]
602. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
603. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa269c0000 LB 0x000fa000 C:\WINDOWS\System32\ucrtbase.dll [fFlags=0x0]
604. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ucrtbase.dll)
605. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ucrtbase.dll
606. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa27970000 LB 0x00149000 C:\WINDOWS\System32\CRYPT32.dll [fFlags=0x0]
607. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
608. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa28df0000 LB 0x00120000 C:\WINDOWS\System32\RPCRT4.dll [fFlags=0x0]
609. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
610. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa276f0000 LB 0x0005c000 C:\WINDOWS\System32\Wintrust.dll [fFlags=0x0]
611. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
612. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
613. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
614. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-synch-l1-2-0'
615. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
616. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
617. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-fibers-l1-1-1'
618. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
619. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
620. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-fibers-l1-1-1'
621. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
622. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
623. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-synch-l1-2-0'
624. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
625. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
626. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-localization-l1-2-1'
627. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa276f0000 'C:\WINDOWS\system32\Wintrust.dll'
628. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcrypt.dll)
629. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
630. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
631. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa26ac0000 LB 0x00026000 C:\WINDOWS\System32\bcrypt.dll [fFlags=0x0]
632. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
633. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa26ac0000 'C:\WINDOWS\system32\bcrypt.dll'
634. 31b4.1be4: bcrypt.dll loaded at 00007ffa26ac0000, BCryptOpenAlgorithmProvider at 00007ffa26ac4c70, preloading providers:
635. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll)
636. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
637. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
638. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa277f0000 LB 0x00080000 C:\WINDOWS\System32\bcryptprimitives.dll [fFlags=0x0]
639. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
640. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa277f0000 'C:\WINDOWS\system32\bcryptprimitives.dll'
641. 31b4.1be4: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000e2d530)
642. 31b4.1be4: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000e2eaa0)
643. 31b4.1be4: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000e2eda0)
644. 31b4.1be4: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000e2f0a0)
645. 31b4.1be4: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000e2f3a0)
646. 31b4.1be4: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000e2f6a0)
647. 31b4.1be4: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000e2f9a0)
648. 31b4.1be4: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000e2fca0)
649. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa276d0000 LB 0x00017000 C:\WINDOWS\System32\CRYPTSP.dll [fFlags=0x0]
650. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cryptsp.dll)
651. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptsp.dll
652. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'bcrypt.dll'.
653. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rsaenh.dll)
654. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
655. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
656. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
657. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
658. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
659. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
660. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa25c30000 LB 0x00033000 C:\WINDOWS\system32\rsaenh.dll [fFlags=0x0]
661. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
662. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
663. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
664. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cryptbase.dll)
665. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptbase.dll
666. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa26230000 LB 0x0000c000 C:\WINDOWS\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
667. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
668. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
669. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
670. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
671. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
672. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
673. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29710000 'C:\WINDOWS\System32\kernel32.dll'
674. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
675. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\WINTRUST.DLL (Input=WINTRUST.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
676. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa276f0000 'C:\WINDOWS\System32\WINTRUST.DLL'
677. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
678. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
679. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\CRYPT32.dll'
680. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa281e0000 LB 0x0001d000 C:\WINDOWS\System32\imagehlp.dll [fFlags=0x0]
681. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'rpcrt4.dll'.
682. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\imagehlp.dll)
683. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imagehlp.dll
684. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
685. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
686. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
687. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
688. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
689. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
690. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa28f80000 LB 0x00097000 C:\WINDOWS\System32\sechost.dll [fFlags=0x0]
691. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
692. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\sechost.dll)
693. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\sechost.dll
694. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
695. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
696. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gpapi.dll)
697. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gpapi.dll
698. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa254d0000 LB 0x00022000 C:\WINDOWS\SYSTEM32\gpapi.dll [fFlags=0x0]
699. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
700. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa26950000 LB 0x00023000 C:\WINDOWS\System32\profapi.dll [fFlags=0x0]
701. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\profapi.dll)
702. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\profapi.dll
703. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
704. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'crypt32.dll'.
705. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\cryptnet.dll)
706. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cryptnet.dll
707. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
708. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume2\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
709. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
710. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
711. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
712. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
713. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
714. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
715. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
716. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
717. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
718. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
719. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
720. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
721. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
722. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
723. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
724. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa1e0a0000 LB 0x0002f000 C:\WINDOWS\System32\cryptnet.dll [fFlags=0x0]
725. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
726. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
727. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
728. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
729. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
730. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
731. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
732. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
733. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
734. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
735. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
736. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
737. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
738. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
739. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
740. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
741. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
742. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
743. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
744. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
745. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
746. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
747. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
748. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
749. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
750. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
751. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
752. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
753. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
754. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\WINDOWS\System32\cryptnet.dll'
755. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
756. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa1e0a0000 'C:\Windows\System32\cryptnet.dll'
757. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa291c0000 LB 0x000a3000 C:\WINDOWS\System32\advapi32.dll [fFlags=0x0]
758. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
759. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'sechost.dll'.
760. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'rpcrt4.dll'.
761. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\advapi32.dll)
762. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\advapi32.dll
763. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
764. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
765. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
766. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
767. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
768. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume2\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
769. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\sechost.dll [lacks WinVerifyTrust]
770. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
771. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
772. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
773. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
774. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
775. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
776. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
777. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
778. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
779. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000e791e0
780. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
781. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2F110B40CF67FEF4EFA84C23431B3B42233E381F
782. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
783. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
784. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa28df0000 'C:\WINDOWS\System32\rpcrt4.dll'
785. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
786. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
787. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
788. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
789. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
790. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
791. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\SystemRoot\System32\ntdll.dll'
792. 31b4.1be4: g_pfnWinVerifyTrust=00007ffa276f61f0
793. 31b4.1be4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
794. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
795. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
796. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
797. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
798. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
799. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
800. 31b4.1be4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\crypt32.dll'
801. 31b4.1be4: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
802. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
803. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
804. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
805. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
806. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
807. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
808. 31b4.1be4: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\wintrust.dll'
809. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
810. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
811. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
812. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
813. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\advapi32.dll'
814. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume2\Windows\System32\cryptnet.dll
815. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
816. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
817. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=09032EBC3D9D9BDDC0EE4A6463C043296B79FF20
818. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
819. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
820. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
821. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
822. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
823. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptnet.dll'
824. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
825. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
826. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
827. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\profapi.dll'
828. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
829. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
830. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
831. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gpapi.dll'
832. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
833. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
834. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
835. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\sechost.dll'
836. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
837. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
838. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
839. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imagehlp.dll'
840. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
841. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
842. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
843. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptbase.dll'
844. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
845. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
846. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
847. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
848. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
849. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rsaenh.dll'
850. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
851. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
852. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
853. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
854. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cryptsp.dll'
855. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
856. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
857. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll'
858. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
859. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
860. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll'
861. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
862. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
863. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ucrtbase.dll'
864. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
865. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
866. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll'
867. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
868. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
869. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msasn1.dll'
870. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
871. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
872. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll'
873. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
874. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
875. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
876. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.exe'
877. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
878. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
879. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\KernelBase.dll'
880. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
881. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
882. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel32.dll'
883. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\system32\crypt32.dll'
884. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xa05cc16ab081d500 CN=DESKTOP-F21INQ0
885. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
886. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
887. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
888. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xe991ee72b03db500 C=US, O=Symantec Corporation, CN=Symantec Enterprise Mobile Root for Microsoft
889. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
890. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
891. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
892. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xf3bb4d7e894b420 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC TS Root Certificate Authority 2018
893. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
894. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
895. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x67833454ced05fb9 CN=WIN-FMA-SERVER
896. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
897. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xca58a05dd401ae00 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Time Stamp Root Certificate Authority 2014
898. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
899. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x6b7bdc34cd37bb00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root G2
900. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x83085097e9afdf00 O=Digital Signature Trust Co., CN=DST Root CA X3
901. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x780679907625cc00 OU=GlobalSign Root CA - R3, O=GlobalSign, CN=GlobalSign
902. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
903. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xeae16ef49d40be00 C=GB, ST=Greater Manchester, L=Salford, O=Comodo CA Limited, CN=AAA Certificate Services
904. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x8ff6fc03c1edbd00 C=US, ST=Arizona, L=Scottsdale, O=Starfield Technologies, Inc., CN=Starfield Root Certificate Authority - G2
905. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xc6fa4243b695b600 C=US, O=Entrust, Inc., OU=www.entrust.net/CPS is incorporated by reference, OU=(c) 2006 Entrust, Inc., CN=Entrust Root Certification Authority
906. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
907. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x560ad29254e89100 C=GB, ST=Greater Manchester, L=Salford, O=COMODO CA Limited, CN=COMODO RSA Certification Authority
908. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xa671e9fec832b700 C=US, O=Starfield Technologies, Inc., OU=Starfield Class 2 Certification Authority
909. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
910. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
911. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xc9edb72b684ba00 C=US, O=Entrust, Inc., OU=See www.entrust.net/legal-terms, OU=(c) 2009 Entrust, Inc. - for authorized use only, CN=Entrust Root Certification Authority - G2
912. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xf5cd95e581a4ab00 C=US, O=SecureTrust Corporation, CN=SecureTrust CA
913. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x6f2ebe0e24cfa600 OU=GlobalSign Root CA - R2, O=GlobalSign, CN=GlobalSign
914. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
915. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, [email protected]
916. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x7c4fd32ec1b1ce00 C=PL, O=Unizeto Sp. z o.o., CN=Certum CA
917. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
918. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x1b8578514b74ac00 C=US, O=WFA Hotspot 2.0, CN=Hotspot 2.0 Trust Root CA - 03
919. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
920. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
921. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xb16dd37ffeb3b300 C=JP, O=SECOM Trust.net, OU=Security Communication RootCA1
922. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x3401b15e3761c700 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2008 VeriSign, Inc. - For authorized use only, CN=VeriSign Universal Root Certification Authority
923. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xc30e361765128000 C=US, ST=New Jersey, L=Jersey City, O=The USERTRUST Network, CN=USERTrust RSA Certification Authority
924. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
925. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xc2ba72a37dfbe300 C=PL, O=Unizeto Technologies S.A., OU=Certum Certification Authority, CN=Certum Trusted Network CA
926. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xcec3d46562b9be8e C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft ECC Product Root Certificate Authority 2018
927. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
928. 31b4.1be4: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
929. 31b4.1be4: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=45
930. 31b4.1be4: SUPR3HardenedMain: Load Runtime...
931. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
932. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
933. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
934. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
935. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
936. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
937. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
938. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
939. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
940. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
941. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
942. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
943. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ws2_32.dll) WinVerifyTrust
944. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
945. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
946. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
947. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
948. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
949. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
950. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
951. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
952. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
953. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
954. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
955. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
956. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
957. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
958. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
959. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
960. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
961. 31b4.1be4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
962. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll)
963. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
964. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
965. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
966. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
967. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
968. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
969. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
970. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00000000522a0000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
971. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
972. 31b4.1be4: supR3HardenedDllNotificationCallback: load 0000000051720000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
973. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
974. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa290f0000 LB 0x0006f000 C:\WINDOWS\System32\WS2_32.dll [fFlags=0x0]
975. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
976. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ff9e60f0000 LB 0x005d6000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
977. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
978. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
979. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
980. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
981. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
982. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
983. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
984. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
985. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
986. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
987. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
988. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
989. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
990. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
991. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
992. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
993. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
994. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
995. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
996. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
997. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
998. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
999. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1000. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1001. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1002. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1003. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1004. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1005. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1006. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1007. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1008. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1009. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1010. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1011. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1012. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1013. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1014. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1015. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1016. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1017. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1018. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1019. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1020. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1021. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1022. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1023. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1024. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1025. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1026. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1027. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1028. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1029. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1030. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1031. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1032. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1033. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1034. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1035. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1036. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1037. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1038. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1039. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1040. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1041. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1042. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1043. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1044. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1045. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1046. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1047. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1048. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1049. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1050. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1051. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1052. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1053. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1054. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1055. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1056. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1057. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1058. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1059. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1060. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1061. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1062. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1063. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1064. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1065. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1066. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1067. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1068. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1069. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1070. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1071. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1072. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1073. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1074. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1075. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1076. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1077. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1078. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1079. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1080. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1081. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1082. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1083. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1084. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1085. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1086. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1087. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1088. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1089. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1090. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1091. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1092. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1093. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1094. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1095. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1096. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1097. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1098. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1099. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1100. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1101. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1102. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1103. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1104. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1105. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1106. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1107. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1108. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1109. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1110. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1111. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1112. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1113. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1114. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1115. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1116. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1117. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1118. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1119. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1120. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1121. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1122. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1123. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1124. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1125. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1126. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1127. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1128. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1129. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1130. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1131. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1132. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1133. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1134. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1135. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1136. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1137. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1138. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1139. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxRT.dll
1140. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1141. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1142. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1143. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1144. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1145. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1146. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1147. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1148. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1149. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1150. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1151. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1152. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1153. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1154. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e60f0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1155. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1156. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll'
1157. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wintrust.dll
1158. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1159. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa276f0000 'C:\WINDOWS\system32\Wintrust.dll'
1160. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
1161. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1162. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1163. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
1164. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1165. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
1166. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\system32\crypt32.dll'
1167. 31b4.1be4: SUPR3HardenedMain: Load TrustedMain...
1168. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1169. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1170. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'uicommon.dll'.
1171. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
1172. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcp100.dll'.
1173. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcr100.dll'.
1174. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qt5corevbox.dll'.
1175. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qt5guivbox.dll'.
1176. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qt5widgetsvbox.dll'.
1177. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5openglvbox.dll'.
1178. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'user32.dll'.
1179. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'ole32.dll'.
1180. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'oleaut32.dll'.
1181. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'winmm.dll'.
1182. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll) WinVerifyTrust
1183. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1184. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1185. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1186. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1187. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
1188. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
1189. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'msvcrt.dll'.
1190. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmm.dll) WinVerifyTrust
1191. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmm.dll
1192. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1193. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1194. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1195. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1196. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1197. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
1198. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
1199. 31b4.1be4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
1200. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1201. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winmmbase.dll)
1202. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winmmbase.dll
1203. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1204. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1205. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1206. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1207. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
1208. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1209. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
1210. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1211. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'combase.dll'.
1212. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'rpcrt4.dll'.
1213. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\oleaut32.dll) WinVerifyTrust
1214. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1215. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1216. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1217. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1218. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1219. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1220. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1221. 31b4.1be4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1222. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
1223. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'bcryptprimitives.dll'.
1224. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\combase.dll)
1225. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\combase.dll
1226. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1227. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1228. 31b4.1be4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1229. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll)
1230. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
1231. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
1232. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
1233. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
1234. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1235. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1236. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1237. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
1238. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
1239. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'gdi32.dll'.
1240. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'user32.dll'.
1241. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #58 'combase.dll'.
1242. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ole32.dll) WinVerifyTrust
1243. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ole32.dll
1244. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1245. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1246. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1247. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1248. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [lacks WinVerifyTrust]
1249. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1250. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1251. 31b4.1be4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1252. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1253. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1254. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\user32.dll)
1255. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\user32.dll
1256. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1257. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1258. 31b4.1be4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1259. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'win32u.dll'.
1260. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gdi32.dll)
1261. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1262. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1263. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1264. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1265. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1266. 31b4.1be4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1267. 31b4.1be4: '\Device\HarddiskVolume2\Windows\System32\win32u.dll' has no imports
1268. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\win32u.dll)
1269. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\win32u.dll
1270. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1271. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1272. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1273. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1274. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1275. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1276. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1277. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
1278. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
1279. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'gdi32.dll'.
1280. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\user32.dll) WinVerifyTrust
1281. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5openglvbox.dll'...
1282. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5openglvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5openglvbox.dll' [rcNtRedir=0xc0150008]
1283. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1284. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1285. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1286. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1287. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1288. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [lacks WinVerifyTrust]
1289. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1290. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'qt5widgetsvbox.dll'.
1291. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qt5guivbox.dll'.
1292. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1293. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1294. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll) WinVerifyTrust
1295. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1296. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1297. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1298. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1299. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1300. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1301. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1302. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1303. 31b4.1be4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'.
1304. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1305. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shell32.dll'.
1306. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ole32.dll'.
1307. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
1308. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
1309. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'mpr.dll'.
1310. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcp100.dll'.
1311. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'msvcr100.dll'.
1312. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll)
1313. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1314. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1315. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1316. 31b4.1be4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'.
1317. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ole32.dll'.
1318. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1319. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1320. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1321. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5corevbox.dll'.
1322. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1323. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1324. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll)
1325. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1326. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1327. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1328. 31b4.1be4: Detected WinVerifyTrust recursion: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1329. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1330. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1331. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1332. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1333. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1334. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1335. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1336. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 24202 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll)
1337. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll
1338. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1339. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1340. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1341. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1342. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1343. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1344. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1345. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1346. 31b4.1be4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1347. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #77 'user32.dll'.
1348. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #79 'gdi32.dll'.
1349. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shell32.dll)
1350. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shell32.dll
1351. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1352. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1353. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1354. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1355. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1356. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1357. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1358. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1359. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1360. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1361. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1362. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1363. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1364. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1365. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1366. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1367. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1368. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1369. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1370. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1371. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1372. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1373. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1374. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1375. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1376. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1377. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1378. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1379. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1380. 31b4.1be4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'.
1381. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1382. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'advapi32.dll'.
1383. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1384. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
1385. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'glu32.dll'.
1386. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\opengl32.dll)
1387. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1388. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1389. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1390. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1391. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1392. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1393. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1394. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1395. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1396. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1397. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mpr.dll'...
1398. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'mpr.dll' -> '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rcNtRedir=0xc0150008]
1399. 31b4.1be4: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1400. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\mpr.dll)
1401. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\mpr.dll
1402. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1403. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1404. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
1405. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1406. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1407. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1408. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1409. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1410. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1411. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1412. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1413. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1414. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1415. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1416. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1417. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1418. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1419. 31b4.1be4: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1420. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1421. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1422. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'opengl32.dll'.
1423. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\glu32.dll)
1424. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\glu32.dll
1425. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1426. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1427. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1428. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1429. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1430. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1431. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1432. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1433. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1434. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1435. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1436. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1437. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1438. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1439. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1440. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1441. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1442. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1443. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1444. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1445. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1446. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1447. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1448. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1449. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1450. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1451. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
1452. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1453. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1454. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1455. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5guivbox.dll'.
1456. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5corevbox.dll'.
1457. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shell32.dll'.
1458. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1459. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1460. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll) WinVerifyTrust
1461. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1462. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1463. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [redoing WinVerifyTrust]
1464. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1465. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1466. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1467. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1468. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1469. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1470. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1471. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1472. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [lacks WinVerifyTrust]
1473. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1474. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1475. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [lacks WinVerifyTrust]
1476. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1477. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1478. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [lacks WinVerifyTrust]
1479. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1480. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1481. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1482. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1483. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1484. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1485. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1486. 31b4.1be4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll'
1487. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1488. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1489. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [redoing WinVerifyTrust]
1490. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1491. 31b4.1be4: supR3HardenedScreenImage/Imports: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll'
1492. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1493. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1494. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
1495. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1496. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1497. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
1498. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1499. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1500. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uicommon.dll'...
1501. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'uicommon.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\uicommon.dll' [rcNtRedir=0xc0150008]
1502. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1503. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
1504. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcr100.dll'.
1505. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'qt5corevbox.dll'.
1506. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qt5guivbox.dll'.
1507. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qt5widgetsvbox.dll'.
1508. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
1509. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
1510. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
1511. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
1512. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
1513. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll) WinVerifyTrust
1514. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
1515. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1516. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume2\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1517. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1518. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000051c pwszName=\Device\HarddiskVolume2\Windows\System32\opengl32.dll
1519. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
1520. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
1521. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0837440FAE05EB650168FFA2D15E73182F6A3A26
1522. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1523. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1524. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1525. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1526. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1527. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1528. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1529. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1530. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1531. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1532. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
1533. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1534. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1535. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [lacks WinVerifyTrust]
1536. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5widgetsvbox.dll'...
1537. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5widgetsvbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5widgetsvbox.dll' [rcNtRedir=0xc0150008]
1538. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [lacks WinVerifyTrust]
1539. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
1540. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
1541. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1542. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
1543. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
1544. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1545. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1546. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1547. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1548. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1549. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
1550. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
1551. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
1552. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1553. 31b4.1be4: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\opengl32.dll'
1554. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1555. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1556. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1557. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
1558. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1559. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1560. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1561. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1562. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1563. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1564. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1565. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1566. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1567. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'win32u.dll'.
1568. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\DXCore.dll)
1569. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\DXCore.dll
1570. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa27ac0000 LB 0x00021000 C:\WINDOWS\System32\win32u.dll [fFlags=0x0]
1571. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [avoiding WinVerifyTrust]
1572. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa27750000 LB 0x0009e000 C:\WINDOWS\System32\msvcp_win.dll [fFlags=0x0]
1573. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll [avoiding WinVerifyTrust]
1574. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa26af0000 LB 0x00196000 C:\WINDOWS\System32\gdi32full.dll [fFlags=0x0]
1575. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
1576. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
1577. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'user32.dll'.
1578. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'win32u.dll'.
1579. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\gdi32full.dll)
1580. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\gdi32full.dll
1581. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa286f0000 LB 0x00026000 C:\WINDOWS\System32\GDI32.dll [fFlags=0x0]
1582. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [avoiding WinVerifyTrust]
1583. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa29270000 LB 0x00194000 C:\WINDOWS\System32\USER32.dll [fFlags=0x0]
1584. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [avoiding WinVerifyTrust]
1585. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa283b0000 LB 0x00335000 C:\WINDOWS\System32\combase.dll [fFlags=0x0]
1586. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [avoiding WinVerifyTrust]
1587. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa27920000 LB 0x0004a000 C:\WINDOWS\System32\cfgmgr32.dll [fFlags=0x0]
1588. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll)
1589. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
1590. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa25520000 LB 0x00020000 C:\WINDOWS\SYSTEM32\dxcore.dll [fFlags=0x0]
1591. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\DXCore.dll [avoiding WinVerifyTrust]
1592. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ff9e6ef0000 LB 0x0002c000 C:\WINDOWS\SYSTEM32\GLU32.dll [fFlags=0x0]
1593. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1594. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ff9e3610000 LB 0x00156000 C:\WINDOWS\SYSTEM32\OPENGL32.dll [fFlags=0x0]
1595. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\opengl32.dll
1596. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa29550000 LB 0x000a9000 C:\WINDOWS\System32\shcore.dll [fFlags=0x0]
1597. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1598. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'rpcrt4.dll'.
1599. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #43 'combase.dll'.
1600. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\SHCore.dll)
1601. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\SHCore.dll
1602. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa268f0000 LB 0x00010000 C:\WINDOWS\System32\UMPDC.dll [fFlags=0x0]
1603. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\umpdc.dll)
1604. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\umpdc.dll
1605. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa26900000 LB 0x0004a000 C:\WINDOWS\System32\powrprof.dll [fFlags=0x0]
1606. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'rpcrt4.dll'.
1607. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'umpdc.dll'.
1608. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\powrprof.dll)
1609. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\powrprof.dll
1610. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa296b0000 LB 0x00052000 C:\WINDOWS\System32\shlwapi.dll [fFlags=0x0]
1611. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1612. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #44 'gdi32.dll'.
1613. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #45 'user32.dll'.
1614. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\shlwapi.dll)
1615. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
1616. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa26980000 LB 0x00011000 C:\WINDOWS\System32\kernel.appcore.dll [fFlags=0x0]
1617. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'msvcrt.dll'.
1618. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
1619. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll)
1620. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll
1621. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa26c90000 LB 0x00782000 C:\WINDOWS\System32\windows.storage.dll [fFlags=0x0]
1622. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'combase.dll'.
1623. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'msvcp_win.dll'.
1624. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'rpcrt4.dll'.
1625. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #56 'profapi.dll'.
1626. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\windows.storage.dll)
1627. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\windows.storage.dll
1628. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa27af0000 LB 0x006e6000 C:\WINDOWS\System32\SHELL32.dll [fFlags=0x0]
1629. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll [avoiding WinVerifyTrust]
1630. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa28720000 LB 0x00157000 C:\WINDOWS\System32\ole32.dll [fFlags=0x0]
1631. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
1632. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa18770000 LB 0x0001b000 C:\WINDOWS\SYSTEM32\MPR.dll [fFlags=0x0]
1633. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\mpr.dll [avoiding WinVerifyTrust]
1634. 31b4.1be4: supR3HardenedDllNotificationCallback: load 0000000051d30000 LB 0x00565000 C:\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll [fFlags=0x0]
1635. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
1636. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ff9e37d0000 LB 0x005f7000 C:\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll [fFlags=0x0]
1637. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
1638. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00000000517c0000 LB 0x00561000 C:\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [fFlags=0x0]
1639. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 24202 (0x5e8a)) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll [avoiding WinVerifyTrust]
1640. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa29020000 LB 0x000c5000 C:\WINDOWS\System32\OLEAUT32.dll [fFlags=0x0]
1641. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
1642. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ff9e3dd0000 LB 0x02316000 C:\Program Files\Oracle\VirtualBox\UICommon.dll [fFlags=0x0]
1643. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\UICommon.dll
1644. 31b4.1be4: supR3HardenedDllNotificationCallback: load 0000000051380000 LB 0x00054000 C:\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll [fFlags=0x0]
1645. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5OpenGLVBox.dll
1646. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa23610000 LB 0x0002d000 C:\WINDOWS\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
1647. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1648. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa23640000 LB 0x00024000 C:\WINDOWS\SYSTEM32\WINMM.dll [fFlags=0x0]
1649. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
1650. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ff9d6740000 LB 0x001c8000 C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll [fFlags=0x0]
1651. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll
1652. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
1653. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
1654. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
1655. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
1656. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
1657. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
1658. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
1659. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
1660. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
1661. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
1662. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
1663. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
1664. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1665. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1666. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
1667. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
1668. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
1669. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
1670. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1671. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
1672. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1673. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
1674. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1675. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
1676. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1677. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1678. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1679. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
1680. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1681. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
1682. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1683. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
1684. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1685. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
1686. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1687. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
1688. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
1689. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
1690. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
1691. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
1692. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
1693. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll
1694. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1695. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1696. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1697. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1698. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1699. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1700. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
1701. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1702. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1703. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [redoing WinVerifyTrust]
1704. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1705. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\combase.dll
1706. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1707. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1708. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1709. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1710. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1711. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1712. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [redoing WinVerifyTrust]
1713. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1714. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\user32.dll
1715. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1716. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1717. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1718. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1719. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1720. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1721. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1722. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'umpdc.dll'...
1723. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'umpdc.dll' -> '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rcNtRedir=0xc0150008]
1724. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\umpdc.dll [redoing WinVerifyTrust]
1725. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
1726. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\umpdc.dll
1727. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1728. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1729. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1730. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1731. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll [redoing WinVerifyTrust]
1732. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1733. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\combase.dll
1734. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1735. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1736. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
1737. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1738. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1739. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1740. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1741. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [redoing WinVerifyTrust]
1742. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1743. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\win32u.dll
1744. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1745. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1746. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [redoing WinVerifyTrust]
1747. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1748. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\user32.dll
1749. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1750. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1751. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1752. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1753. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\gdi32.dll
1754. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1755. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1756. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1757. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1758. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
1759. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
1760. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
1761. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [redoing WinVerifyTrust]
1762. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1763. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\win32u.dll
1764. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
1765. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
1766. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll [redoing WinVerifyTrust]
1767. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1768. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
1769. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1770. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29710000 'C:\WINDOWS\System32\kernel32.dll'
1771. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
1772. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
1773. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
1774. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
1775. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
1776. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
1777. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
1778. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
1779. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
1780. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
1781. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
1782. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
1783. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1784. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1785. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
1786. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
1787. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
1788. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
1789. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1790. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
1791. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1792. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
1793. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1794. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
1795. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1796. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1797. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1798. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
1799. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1800. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
1801. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1802. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
1803. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1804. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
1805. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1806. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
1807. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
1808. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
1809. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
1810. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
1811. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
1812. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
1813. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
1814. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
1815. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
1816. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
1817. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
1818. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
1819. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
1820. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
1821. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1822. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1823. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
1824. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
1825. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
1826. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
1827. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1828. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
1829. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1830. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
1831. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1832. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
1833. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1834. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1835. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1836. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
1837. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1838. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
1839. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1840. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
1841. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1842. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
1843. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1844. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
1845. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
1846. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
1847. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-string-l1-1-0) -> 0x0, fPresent=1
1848. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-string-l1-1-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1849. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-string-l1-1-0'
1850. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
1851. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
1852. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
1853. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
1854. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
1855. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
1856. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
1857. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
1858. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
1859. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
1860. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
1861. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
1862. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1863. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1864. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
1865. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
1866. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
1867. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
1868. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1869. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
1870. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1871. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
1872. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1873. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
1874. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1875. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1876. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1877. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
1878. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1879. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
1880. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1881. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
1882. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1883. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
1884. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1885. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
1886. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
1887. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
1888. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
1889. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
1890. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
1891. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
1892. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
1893. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
1894. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
1895. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
1896. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
1897. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
1898. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
1899. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
1900. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1901. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1902. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
1903. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
1904. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
1905. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
1906. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1907. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
1908. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1909. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
1910. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1911. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
1912. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1913. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1914. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1915. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
1916. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1917. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
1918. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1919. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
1920. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1921. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
1922. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1923. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
1924. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
1925. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
1926. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-datetime-l1-1-1) -> 0x0, fPresent=1
1927. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-datetime-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1928. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-datetime-l1-1-1'
1929. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
1930. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
1931. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
1932. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
1933. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
1934. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
1935. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
1936. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
1937. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
1938. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
1939. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
1940. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
1941. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1942. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1943. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
1944. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
1945. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
1946. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
1947. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1948. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
1949. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1950. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
1951. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1952. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
1953. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1954. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1955. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1956. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
1957. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1958. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
1959. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1960. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
1961. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
1962. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
1963. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
1964. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
1965. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
1966. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
1967. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
1968. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
1969. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
1970. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
1971. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
1972. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
1973. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
1974. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
1975. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
1976. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
1977. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
1978. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
1979. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
1980. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
1981. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
1982. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
1983. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
1984. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
1985. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
1986. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
1987. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
1988. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
1989. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
1990. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
1991. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
1992. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
1993. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
1994. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
1995. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
1996. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
1997. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
1998. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
1999. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
2000. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
2001. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
2002. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
2003. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
2004. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
2005. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-2-0) -> 0x0, fPresent=1
2006. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2007. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-localization-obsolete-l1-2-0'
2008. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
2009. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
2010. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
2011. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
2012. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
2013. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
2014. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
2015. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
2016. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
2017. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
2018. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
2019. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
2020. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
2021. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
2022. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
2023. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
2024. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
2025. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
2026. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
2027. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
2028. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
2029. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
2030. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
2031. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
2032. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2033. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2034. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
2035. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
2036. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
2037. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
2038. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
2039. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
2040. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
2041. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
2042. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
2043. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
2044. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
2045. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
2046. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
2047. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
2048. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
2049. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
2050. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
2051. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
2052. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
2053. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
2054. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
2055. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
2056. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
2057. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
2058. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
2059. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
2060. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
2061. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
2062. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
2063. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
2064. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
2065. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
2066. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
2067. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
2068. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
2069. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
2070. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2071. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2072. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
2073. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
2074. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
2075. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
2076. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
2077. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
2078. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
2079. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
2080. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
2081. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
2082. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
2083. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
2084. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\imm32.dll'.
2085. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
2086. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'win32u.dll'.
2087. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\imm32.dll)
2088. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\imm32.dll
2089. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2090. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2091. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll [redoing WinVerifyTrust]
2092. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
2093. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\win32u.dll
2094. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2095. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2096. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll [redoing WinVerifyTrust]
2097. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
2098. 31b4.1be4: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume2\Windows\System32\user32.dll
2099. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\IMM32.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2100. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa28dc0000 LB 0x0002e000 C:\WINDOWS\System32\IMM32.DLL [fFlags=0x0]
2101. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
2102. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa28dc0000 'C:\WINDOWS\system32\IMM32.DLL'
2103. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\imm32.dll'.
2104. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rescheduled]
2105. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
2106. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
2107. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
2108. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
2109. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
2110. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
2111. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
2112. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
2113. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
2114. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
2115. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
2116. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
2117. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
2118. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
2119. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
2120. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
2121. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
2122. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
2123. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
2124. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
2125. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
2126. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
2127. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
2128. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
2129. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2130. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2131. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
2132. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
2133. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
2134. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
2135. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
2136. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
2137. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
2138. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
2139. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
2140. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
2141. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
2142. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
2143. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\imm32.dll'.
2144. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rescheduled]
2145. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
2146. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
2147. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
2148. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
2149. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
2150. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
2151. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
2152. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
2153. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
2154. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
2155. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
2156. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
2157. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
2158. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
2159. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
2160. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
2161. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
2162. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
2163. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
2164. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
2165. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
2166. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
2167. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
2168. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
2169. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2170. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2171. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
2172. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
2173. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
2174. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
2175. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
2176. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
2177. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
2178. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
2179. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
2180. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
2181. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
2182. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
2183. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2184. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ADVAPI32.DLL (Input=ADVAPI32.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2185. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa291c0000 'C:\WINDOWS\System32\ADVAPI32.DLL'
2186. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\imm32.dll'.
2187. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rescheduled]
2188. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'.
2189. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll' [rescheduled]
2190. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'.
2191. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll' [rescheduled]
2192. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'.
2193. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rescheduled]
2194. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'.
2195. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll' [rescheduled]
2196. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'.
2197. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll' [rescheduled]
2198. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'.
2199. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll' [rescheduled]
2200. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'.
2201. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rescheduled]
2202. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'.
2203. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll' [rescheduled]
2204. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'.
2205. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll' [rescheduled]
2206. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume2\Windows\System32\glu32.dll'.
2207. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll' [rescheduled]
2208. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\mpr.dll'.
2209. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll' [rescheduled]
2210. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\shell32.dll'.
2211. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rescheduled]
2212. 31b4.1be4: Detected loader lock ownership: rc=Unknown Status 24202 (0x5e8a) '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'.
2213. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 24202 (was 24202) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll' [rescheduled]
2214. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\win32u.dll'.
2215. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rescheduled]
2216. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'.
2217. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rescheduled]
2218. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\user32.dll'.
2219. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rescheduled]
2220. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'.
2221. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rescheduled]
2222. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\combase.dll'.
2223. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rescheduled]
2224. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'.
2225. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rescheduled]
2226. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9d6740000 'C:\Program Files\Oracle\VirtualBox\VirtualBoxVM.dll'
2227. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2228. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2229. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\imm32.dll'
2230. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2231. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2232. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\windows.storage.dll'
2233. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2234. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2235. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\kernel.appcore.dll'
2236. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2237. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2238. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll'
2239. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2240. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2241. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\powrprof.dll'
2242. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2243. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2244. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\umpdc.dll'
2245. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2246. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2247. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\SHCore.dll'
2248. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2249. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2250. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll'
2251. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2252. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2253. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32full.dll'
2254. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2255. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2256. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\DXCore.dll'
2257. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000524 pwszName=\Device\HarddiskVolume2\Windows\System32\glu32.dll
2258. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2259. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2260. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F356C86D0A2DBA0570D09B39D4AF818DFCB17010
2261. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2262. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2263. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0212~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\glu32.dll'
2264. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2265. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\glu32.dll'
2266. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2267. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2268. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\mpr.dll'
2269. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2270. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2271. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\shell32.dll'
2272. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2273. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 24202) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5WidgetsVBox.dll'
2274. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2275. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2276. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\win32u.dll'
2277. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2278. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2279. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\gdi32.dll'
2280. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2281. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2282. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\user32.dll'
2283. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2284. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2285. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll'
2286. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2287. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2288. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\combase.dll'
2289. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rsaenh.dll
2290. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2291. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2292. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2293. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll'
2294. 31b4.1be4: SUPR3HardenedMain: Calling TrustedMain (00007ff9d67416c0)...
2295. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2296. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
2297. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ole32.dll'.
2298. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2299. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
2300. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
2301. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2302. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
2303. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'advapi32.dll'.
2304. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'qt5guivbox.dll'.
2305. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'qt5corevbox.dll'.
2306. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'msvcr100.dll'.
2307. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll) WinVerifyTrust
2308. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2309. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2310. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2311. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5corevbox.dll'...
2312. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5corevbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5corevbox.dll' [rcNtRedir=0xc0150008]
2313. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5CoreVBox.dll
2314. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qt5guivbox.dll'...
2315. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'qt5guivbox.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\qt5guivbox.dll' [rcNtRedir=0xc0150008]
2316. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\Qt5GuiVBox.dll
2317. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2318. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2319. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2320. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
2321. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume2\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
2322. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2323. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2324. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2325. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2326. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2327. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2328. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2329. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2330. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2331. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
2332. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2333. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2334. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2335. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2336. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2337. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2338. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2339. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2340. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2341. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ff9e34e0000 LB 0x0012e000 C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll [fFlags=0x0]
2342. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\platforms\qwindows.dll
2343. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e34e0000 'C:\Program Files\Oracle\VirtualBox\platforms\qwindows.dll'
2344. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000062c pwszName=\Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2345. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2346. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2347. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=286AD1CEC16EFDCA5718925D19E68A486A5851A0
2348. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2349. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2350. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0415~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\uxtheme.dll'
2351. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2352. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2353. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'gdi32.dll'.
2354. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'user32.dll'.
2355. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\uxtheme.dll) WinVerifyTrust
2356. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2357. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2358. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2359. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2360. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2361. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2362. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2363. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2364. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2365. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa24eb0000 LB 0x00099000 C:\WINDOWS\system32\uxtheme.dll [fFlags=0x0]
2366. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2367. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa24eb0000 'C:\WINDOWS\system32\uxtheme.dll'
2368. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29270000 'C:\WINDOWS\system32\user32.dll'
2369. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2370. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2371. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
2372. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll
2373. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\SHCore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2374. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29550000 'C:\WINDOWS\system32\SHCore.dll'
2375. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\WINDOWS\system32\wintab32.dll': 0 (NtPath=\??\C:\WINDOWS\system32\wintab32.dll; Input=C:\WINDOWS\system32\wintab32.dll; rcNtGetDll=0x0
2376. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000034 'C:\WINDOWS\system32\wintab32.dll'
2377. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2378. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2379. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\system32\winmm.dll'
2380. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
2381. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2382. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\system32\winmm.dll'
2383. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2384. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2385. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
2386. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\uxtheme.dll
2387. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2388. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa24eb0000 'C:\WINDOWS\system32\uxtheme.dll'
2389. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2390. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2391. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa291c0000 'C:\WINDOWS\system32\advapi32.dll'
2392. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2393. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2394. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'rpcrt4.dll'.
2395. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'profapi.dll'.
2396. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\userenv.dll) WinVerifyTrust
2397. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\userenv.dll
2398. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
2399. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
2400. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\profapi.dll
2401. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2402. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2403. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2404. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
2405. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa26810000 LB 0x00025000 C:\WINDOWS\system32\userenv.dll [fFlags=0x0]
2406. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
2407. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa26810000 'C:\WINDOWS\system32\userenv.dll'
2408. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\kernel32.dll
2409. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\kernel32.dll (Input=kernel32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2410. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29710000 'C:\WINDOWS\System32\kernel32.dll'
2411. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa29600000 LB 0x000a2000 C:\WINDOWS\System32\clbcatq.dll [fFlags=0x0]
2412. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2413. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #30 'rpcrt4.dll'.
2414. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\clbcatq.dll)
2415. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\clbcatq.dll
2416. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2417. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2418. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2419. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2420. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2421. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2422. 31b4.2154: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\clbcatq.dll'
2423. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2424. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2425. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2426. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2427. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'advapi32.dll'.
2428. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2429. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2430. 31b4.2154: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2431. 31b4.2154: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2432. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2433. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2434. 31b4.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2435. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2436. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2437. 31b4.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2438. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2439. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2440. 31b4.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2441. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2442. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2443. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2444. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2445. 31b4.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll
2446. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2447. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2448. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2449. 31b4.2154: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2450. 31b4.2154: supR3HardenedDllNotificationCallback: load 00007ff9e3030000 LB 0x003be000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2451. 31b4.2154: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
2452. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e3030000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2453. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2454. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2455. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2456. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2457. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'shlwapi.dll'.
2458. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ole32.dll'.
2459. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'oleaut32.dll'.
2460. 31b4.2154: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
2461. 31b4.2154: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll) WinVerifyTrust
2462. 31b4.2154: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2463. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2464. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2465. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2466. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2467. 31b4.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2468. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2469. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2470. 31b4.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2471. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
2472. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
2473. 31b4.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shlwapi.dll
2474. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2475. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2476. 31b4.2154: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\advapi32.dll
2477. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2478. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2479. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2480. 31b4.2154: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2481. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2482. 31b4.2154: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2483. 31b4.2154: supR3HardenedDllNotificationCallback: load 00007ff9e33f0000 LB 0x000ef000 C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll [fFlags=0x0]
2484. 31b4.2154: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll
2485. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e33f0000 'C:\Program Files\Oracle\VirtualBox\VBoxProxyStub.dll'
2486. 31b4.2154: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2487. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2488. 31b4.2154: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29020000 'C:\Windows\System32\oleaut32.dll'
2489. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa286f0000 'C:\WINDOWS\system32\gdi32.dll'
2490. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2491. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2492. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
2493. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa28200000 LB 0x00135000 C:\WINDOWS\System32\MSCTF.dll [fFlags=0x0]
2494. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2495. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'oleaut32.dll'.
2496. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'user32.dll'.
2497. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #39 'gdi32.dll'.
2498. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #40 'imm32.dll'.
2499. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'advapi32.dll'.
2500. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msctf.dll)
2501. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msctf.dll
2502. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2503. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2504. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
2505. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
2506. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\imm32.dll
2507. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2508. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2509. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2510. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2511. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\user32.dll
2512. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2513. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2514. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2515. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2516. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2517. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2518. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2519. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\msctf.dll'
2520. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000096c pwszName=\Device\HarddiskVolume2\Windows\System32\DataExchange.dll
2521. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2522. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2523. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=AF758F581E6ED4B195B000E1E88DA05815FF2C72
2524. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2525. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2526. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0410~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\DataExchange.dll'
2527. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2528. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2529. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'shcore.dll'.
2530. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'combase.dll'.
2531. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #34 'd3d11.dll'.
2532. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'dcomp.dll'.
2533. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\DataExchange.dll) WinVerifyTrust
2534. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\DataExchange.dll
2535. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dcomp.dll'...
2536. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dcomp.dll' -> '\Device\HarddiskVolume2\Windows\System32\dcomp.dll' [rcNtRedir=0xc0150008]
2537. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2538. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2539. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'win32u.dll'.
2540. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp_win.dll'.
2541. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dcomp.dll) WinVerifyTrust
2542. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dcomp.dll
2543. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'd3d11.dll'...
2544. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'd3d11.dll' -> '\Device\HarddiskVolume2\Windows\System32\d3d11.dll' [rcNtRedir=0xc0150008]
2545. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2546. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2547. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
2548. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2549. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2550. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll
2551. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2552. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2553. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2554. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'dxgi.dll'.
2555. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'win32u.dll'.
2556. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\d3d11.dll) WinVerifyTrust
2557. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\d3d11.dll
2558. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2559. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2560. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll
2561. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
2562. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume2\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
2563. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll
2564. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2565. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2566. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2567. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2568. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\win32u.dll
2569. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dxgi.dll'...
2570. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'dxgi.dll' -> '\Device\HarddiskVolume2\Windows\System32\dxgi.dll' [rcNtRedir=0xc0150008]
2571. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2572. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2573. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2574. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'win32u.dll'.
2575. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dxgi.dll) WinVerifyTrust
2576. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dxgi.dll
2577. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2578. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2579. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
2580. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'win32u.dll'...
2581. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'win32u.dll' -> '\Device\HarddiskVolume2\Windows\System32\win32u.dll' [rcNtRedir=0xc0150008]
2582. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2583. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2584. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dataexchange.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2585. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\DataExchange.dll
2586. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\d3d11.dll
2587. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dcomp.dll
2588. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dxgi.dll
2589. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa255b0000 LB 0x000eb000 C:\WINDOWS\system32\dxgi.dll [fFlags=0x0]
2590. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dxgi.dll
2591. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa241b0000 LB 0x0025b000 C:\WINDOWS\system32\d3d11.dll [fFlags=0x0]
2592. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\d3d11.dll
2593. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa24410000 LB 0x001dd000 C:\WINDOWS\system32\dcomp.dll [fFlags=0x0]
2594. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dcomp.dll
2595. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa03c70000 LB 0x0003a000 C:\WINDOWS\system32\dataexchange.dll [fFlags=0x0]
2596. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\DataExchange.dll
2597. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa286f0000 'C:\WINDOWS\System32\gdi32.dll'
2598. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa03c70000 'C:\WINDOWS\system32\dataexchange.dll'
2599. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rmclient.dll'.
2600. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #31 'rpcrt4.dll'.
2601. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'combase.dll'.
2602. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #50 'msvcp_win.dll'.
2603. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\twinapi.appcore.dll)
2604. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\twinapi.appcore.dll
2605. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2606. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'rpcrt4.dll'.
2607. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\rmclient.dll)
2608. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\rmclient.dll
2609. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa25050000 LB 0x00029000 C:\WINDOWS\system32\RMCLIENT.dll [fFlags=0x0]
2610. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rmclient.dll [avoiding WinVerifyTrust]
2611. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa24c20000 LB 0x00262000 C:\WINDOWS\system32\twinapi.appcore.dll [fFlags=0x0]
2612. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\twinapi.appcore.dll [avoiding WinVerifyTrust]
2613. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2614. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2615. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2616. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2617. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
2618. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
2619. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
2620. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
2621. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
2622. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll
2623. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2624. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2625. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rmclient.dll'...
2626. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rmclient.dll' -> '\Device\HarddiskVolume2\Windows\System32\rmclient.dll' [rcNtRedir=0xc0150008]
2627. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rmclient.dll [lacks WinVerifyTrust]
2628. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2629. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2630. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\rmclient.dll'
2631. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2632. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\crypt32.dll
2633. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2634. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2635. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\twinapi.appcore.dll'
2636. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll
2637. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Shcore.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2638. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29550000 'C:\WINDOWS\system32\Shcore.dll'
2639. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
2640. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2641. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
2642. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
2643. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ole32.dll
2644. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2645. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa28720000 'C:\WINDOWS\System32\ole32.dll'
2646. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\oleaut32.dll
2647. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2648. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29020000 'C:\WINDOWS\System32\OLEAUT32.dll'
2649. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a48 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2650. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2651. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2652. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=DB1AA7E2E4704C908EC9382E1F9E64808B9E5E1D
2653. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2654. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2655. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll'
2656. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2657. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2658. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
2659. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
2660. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2661. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2662. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2663. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2664. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a58 pwszName=\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2665. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2666. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2667. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=22EAF38FA276D7A374D3945ACD556FA0953D3440
2668. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2669. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2670. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll'
2671. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2672. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2673. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'bcrypt.dll'.
2674. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'ws2_32.dll'.
2675. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll) WinVerifyTrust
2676. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2677. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2678. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2679. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2680. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2681. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2682. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2683. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2684. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2685. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
2686. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
2687. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
2688. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2689. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2690. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2691. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2692. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2693. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa18f20000 LB 0x00084000 C:\WINDOWS\SYSTEM32\wbemcomn.dll [fFlags=0x0]
2694. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2695. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa0f6e0000 LB 0x00011000 C:\WINDOWS\system32\wbem\wbemprox.dll [fFlags=0x0]
2696. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemprox.dll
2697. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(API-MS-Win-Core-LocalRegistry-L1-1-0.dll) -> 0x0, fPresent=1
2698. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2699. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2700. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0f6e0000 'C:\WINDOWS\system32\wbem\wbemprox.dll'
2701. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a7c pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2702. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2703. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2704. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=00C864D7F76A7AD25E7D0DA164B0B66188F5B7FF
2705. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2706. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2707. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll'
2708. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2709. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2710. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'rpcrt4.dll'.
2711. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2712. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2713. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2714. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2715. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2716. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2717. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2718. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2719. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa0e860000 LB 0x00014000 C:\WINDOWS\system32\wbem\wbemsvc.dll [fFlags=0x0]
2720. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\wbemsvc.dll
2721. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0e860000 'C:\WINDOWS\system32\wbem\wbemsvc.dll'
2722. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-0.dll) -> 0x0, fPresent=1
2723. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2724. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-localization-l1-2-0.dll'
2725. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-obsolete-l1-1-0.dll) -> 0x0, fPresent=1
2726. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2727. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
2728. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000984 pwszName=\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2729. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2730. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2731. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0708A64F48237CD4D5092546CE9C373F20B30CA1
2732. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2733. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2734. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package03~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll'
2735. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2736. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2737. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'wbemcomn.dll'.
2738. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2739. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2740. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2741. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume2\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2742. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbemcomn.dll
2743. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2744. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2745. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
2746. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2747. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa0e750000 LB 0x00101000 C:\WINDOWS\system32\wbem\fastprox.dll [fFlags=0x0]
2748. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wbem\fastprox.dll
2749. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0e750000 'C:\WINDOWS\system32\wbem\fastprox.dll'
2750. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ac0 pwszName=\Device\HarddiskVolume2\Windows\System32\amsi.dll
2751. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2752. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2753. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=B5D4D58A583ACAD5AA76D7DD0F2DB8ADE903942B
2754. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2755. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2756. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package04~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\amsi.dll'
2757. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2758. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2759. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'rpcrt4.dll'.
2760. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'userenv.dll'.
2761. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\amsi.dll) WinVerifyTrust
2762. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\amsi.dll
2763. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
2764. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume2\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
2765. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\userenv.dll
2766. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2767. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2768. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2769. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2770. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\amsi.dll (Input=amsi.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2771. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\amsi.dll
2772. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa0dfa0000 LB 0x00015000 C:\WINDOWS\System32\amsi.dll [fFlags=0x0]
2773. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\amsi.dll
2774. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0dfa0000 'C:\WINDOWS\System32\amsi.dll'
2775. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2776. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2777. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'advapi32.dll'.
2778. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
2779. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'oleaut32.dll'.
2780. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MpOAV.dll) WinVerifyTrust
2781. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MpOAV.dll
2782. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2783. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2784. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2785. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2786. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2787. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2788. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpOav.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2789. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MpOAV.dll
2790. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa0c010000 LB 0x00078000 C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpOav.dll [fFlags=0x0]
2791. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Platform\4.18.2006.10-0\MpOAV.dll
2792. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
2793. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2794. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-synch-l1-2-0'
2795. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
2796. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2797. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-fibers-l1-1-1'
2798. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-synch-l1-2-0) -> 0x0, fPresent=1
2799. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-synch-l1-2-0 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2800. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-synch-l1-2-0'
2801. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-fibers-l1-1-1) -> 0x0, fPresent=1
2802. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-fibers-l1-1-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2803. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-fibers-l1-1-1'
2804. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-localization-l1-2-1) -> 0x0, fPresent=1
2805. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-1 (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
2806. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27420000 'api-ms-win-core-localization-l1-2-1'
2807. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\version.dll'.
2808. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2809. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\version.dll)
2810. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\version.dll
2811. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2812. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2813. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\version.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2814. 31b4.1be4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\version.dll [avoiding WinVerifyTrust]
2815. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa20630000 LB 0x0000a000 C:\WINDOWS\system32\version.dll [fFlags=0x0]
2816. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\version.dll [avoiding WinVerifyTrust]
2817. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa20630000 'C:\WINDOWS\system32\version.dll'
2818. 31b4.1be4: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume2\Windows\System32\version.dll'.
2819. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume2\Windows\System32\version.dll' [rescheduled]
2820. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa0c010000 'C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2006.10-0\MpOav.dll'
2821. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2822. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2823. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\version.dll'
2824. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa291c0000 'C:\WINDOWS\System32\ADVAPI32.dll'
2825. 31b4.1610: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2826. 31b4.1610: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2827. 31b4.1610: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2828. 31b4.1610: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
2829. 31b4.1610: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2830. 31b4.1610: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2831. 31b4.1610: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2832. 31b4.1610: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2833. 31b4.1610: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2834. 31b4.1610: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2835. 31b4.1610: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2836. 31b4.1610: supR3HardenedDllNotificationCallback: load 00007ff9ca910000 LB 0x0037d000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
2837. 31b4.1610: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2838. 31b4.1610: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9ca910000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2839. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2840. 31b4.2640: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2841. 31b4.2640: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2842. 31b4.2640: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2843. 31b4.2640: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
2844. 31b4.2640: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
2845. 31b4.2640: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'user32.dll'.
2846. 31b4.2640: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
2847. 31b4.2640: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2848. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2849. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2850. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2851. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2852. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2853. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2854. 31b4.2640: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2855. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2856. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2857. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2858. 31b4.2640: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2859. 31b4.2640: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2860. 31b4.2640: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2861. 31b4.2640: supR3HardenedDllNotificationCallback: load 00007ffa058b0000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
2862. 31b4.2640: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2863. 31b4.2640: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa058b0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
2864. 31b4.28e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2865. 31b4.28e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2866. 31b4.28e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2867. 31b4.28e0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2868. 31b4.28e0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
2869. 31b4.28e0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2870. 31b4.28e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2871. 31b4.28e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2872. 31b4.28e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2873. 31b4.28e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2874. 31b4.28e0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2875. 31b4.28e0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2876. 31b4.28e0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2877. 31b4.28e0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2878. 31b4.28e0: supR3HardenedDllNotificationCallback: load 00007ffa03c60000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
2879. 31b4.28e0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2880. 31b4.28e0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa03c60000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
2881. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\Shell32.dll'
2882. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b88 pwszName=\Device\HarddiskVolume2\Windows\System32\WinHvPlatform.dll
2883. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
2884. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
2885. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F44CBC4BAFE3CCCC07F920C1E6C13E8202CB0B4C
2886. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2887. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2888. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package02~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\WinHvPlatform.dll'
2889. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2890. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vid.dll'.
2891. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\WinHvPlatform.dll) WinVerifyTrust
2892. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\WinHvPlatform.dll
2893. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vid.dll'...
2894. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'vid.dll' -> '\Device\HarddiskVolume2\Windows\System32\vid.dll' [rcNtRedir=0xc0150008]
2895. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2896. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2897. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\vid.dll) WinVerifyTrust
2898. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\vid.dll
2899. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\WinHvPlatform.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2900. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WinHvPlatform.dll
2901. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\vid.dll
2902. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9f6c80000 LB 0x00019000 C:\WINDOWS\SYSTEM32\vid.dll [fFlags=0x0]
2903. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\vid.dll
2904. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa03c30000 LB 0x00024000 C:\WINDOWS\system32\WinHvPlatform.dll [fFlags=0x0]
2905. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WinHvPlatform.dll
2906. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa03c30000 'C:\WINDOWS\system32\WinHvPlatform.dll'
2907. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\vid.dll
2908. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\vid.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2909. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f6c80000 'C:\WINDOWS\system32\vid.dll'
2910. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2911. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2912. 31b4.1940: '\Device\HarddiskVolume2\Windows\System32\ntdll.dll' has no imports
2913. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntdll.dll) WinVerifyTrust
2914. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntdll.dll
2915. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\NTDLL.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2916. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29a40000 'C:\WINDOWS\system32\NTDLL.DLL'
2917. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2918. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2919. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2920. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2921. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2922. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxddu.dll'.
2923. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxdd2.dll'.
2924. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'user32.dll'.
2925. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'setupapi.dll'.
2926. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ws2_32.dll'.
2927. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ole32.dll'.
2928. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'iphlpapi.dll'.
2929. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
2930. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
2931. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
2932. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
2933. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2934. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2935. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
2936. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
2937. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2938. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2939. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2940. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2941. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
2942. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2943. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2944. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2945. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
2946. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2947. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'rpcrt4.dll'.
2948. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'cfgmgr32.dll'.
2949. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #41 'bcrypt.dll'.
2950. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\setupapi.dll) WinVerifyTrust
2951. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\setupapi.dll
2952. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2953. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2954. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
2955. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
2956. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
2957. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
2958. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcrypt.dll
2959. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
2960. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
2961. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
2962. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2963. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2964. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2965. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2966. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2967. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2968. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2969. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
2970. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2971. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
2972. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
2973. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2974. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2975. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2976. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2977. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll
2978. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
2979. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2980. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2981. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2982. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
2983. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2984. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
2985. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2986. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2987. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2988. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2989. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2990. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2991. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2992. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2993. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2994. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume2\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2995. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2996. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2997. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
2998. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2999. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume2\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
3000. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3001. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3002. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3003. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3004. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3005. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
3006. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3007. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3008. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
3009. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa28880000 LB 0x00470000 C:\WINDOWS\System32\SETUPAPI.dll [fFlags=0x0]
3010. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\setupapi.dll
3011. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9e2fc0000 LB 0x00067000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
3012. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDDU.dll
3013. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9c6f00000 LB 0x0085c000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
3014. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3015. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa25dd0000 LB 0x0003a000 C:\WINDOWS\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
3016. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
3017. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9c9f20000 LB 0x009e6000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
3018. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD.dll
3019. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c9f20000 'C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL'
3020. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3021. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxC.dll
3022. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3023. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e3030000 'C:\Program Files\Oracle\VirtualBox\VBoxC.DLL'
3024. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3025. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxDD2.dll
3026. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3027. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9c6f00000 'C:\Program Files\Oracle\VirtualBox\VBoxDD2.DLL'
3028. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3029. 31b4.167c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3030. 31b4.167c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3031. 31b4.167c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
3032. 31b4.167c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3033. 31b4.167c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
3034. 31b4.167c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3035. 31b4.167c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3036. 31b4.167c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3037. 31b4.167c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3038. 31b4.167c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3039. 31b4.167c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3040. 31b4.167c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3041. 31b4.167c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3042. 31b4.167c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3043. 31b4.167c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3044. 31b4.167c: supR3HardenedDllNotificationCallback: load 00007ff9f6c60000 LB 0x00014000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
3045. 31b4.167c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
3046. 31b4.167c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9f6c60000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
3047. 31b4.7a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3048. 31b4.7a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3049. 31b4.7a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3050. 31b4.7a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
3051. 31b4.7a0: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
3052. 31b4.7a0: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
3053. 31b4.7a0: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3054. 31b4.7a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3055. 31b4.7a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3056. 31b4.7a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
3057. 31b4.7a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
3058. 31b4.7a0: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxVMM.dll
3059. 31b4.7a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3060. 31b4.7a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3061. 31b4.7a0: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3062. 31b4.7a0: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3063. 31b4.7a0: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3064. 31b4.7a0: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3065. 31b4.7a0: supR3HardenedDllNotificationCallback: load 00007ffa022f0000 LB 0x0000c000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
3066. 31b4.7a0: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
3067. 31b4.7a0: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa022f0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
3068. 31b4.c3c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3069. 31b4.c3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
3070. 31b4.c3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
3071. 31b4.c3c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
3072. 31b4.c3c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
3073. 31b4.c3c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3074. 31b4.c3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
3075. 31b4.c3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
3076. 31b4.c3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
3077. 31b4.c3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
3078. 31b4.c3c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
3079. 31b4.c3c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
3080. 31b4.c3c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3081. 31b4.c3c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3082. 31b4.c3c: supR3HardenedDllNotificationCallback: load 00007ffa01c70000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
3083. 31b4.c3c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
3084. 31b4.c3c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa01c70000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
3085. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\IPHLPAPI.DLL
3086. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3087. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25dd0000 'C:\WINDOWS\system32\Iphlpapi.dll'
3088. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3089. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'nsi.dll'.
3090. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\winnsi.dll)
3091. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\winnsi.dll
3092. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa29420000 LB 0x00008000 C:\WINDOWS\System32\NSI.dll [fFlags=0x0]
3093. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\nsi.dll)
3094. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\nsi.dll
3095. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa21830000 LB 0x0000b000 C:\WINDOWS\SYSTEM32\WINNSI.DLL [fFlags=0x0]
3096. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
3097. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3098. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll)
3099. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
3100. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa21250000 LB 0x00016000 C:\WINDOWS\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
3101. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
3102. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3103. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
3104. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
3105. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll)
3106. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
3107. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa20f20000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
3108. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
3109. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'ws2_32.dll'.
3110. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'nsi.dll'.
3111. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dnsapi.dll)
3112. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dnsapi.dll
3113. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa25e10000 LB 0x000cb000 C:\WINDOWS\SYSTEM32\DNSAPI.dll [fFlags=0x0]
3114. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dnsapi.dll [avoiding WinVerifyTrust]
3115. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3116. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3117. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [lacks WinVerifyTrust]
3118. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3119. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3120. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
3121. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3122. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3123. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [lacks WinVerifyTrust]
3124. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3125. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume2\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3126. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ws2_32.dll
3127. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3128. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3129. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3130. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3131. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
3132. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume2\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
3133. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\nsi.dll [lacks WinVerifyTrust]
3134. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3135. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3136. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3137. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3138. 31b4.1940: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\dnsapi.dll'
3139. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ea4 pwszName=\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll
3140. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
3141. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
3142. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4046160B2B0DC0559D0AE96A25C912515D96829D
3143. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3144. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3145. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll'
3146. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3147. 31b4.1940: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\dhcpcsvc.dll'
3148. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ea0 pwszName=\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll
3149. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
3150. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
3151. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8A4B35134FE83EA6C710EA68891208811F657FE
3152. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3153. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3154. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll'
3155. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3156. 31b4.1940: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\dhcpcsvc6.dll'
3157. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3158. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3159. 31b4.1940: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\nsi.dll'
3160. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3161. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3162. 31b4.1940: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\winnsi.dll'
3163. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3164. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3165. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3166. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'rpcrt4.dll'.
3167. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'devobj.dll'.
3168. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll) WinVerifyTrust
3169. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3170. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
3171. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume2\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
3172. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3173. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3174. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'cfgmgr32.dll'.
3175. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\devobj.dll) WinVerifyTrust
3176. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\devobj.dll
3177. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3178. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3179. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3180. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3181. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
3182. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
3183. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
3184. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\cfgmgr32.dll
3185. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDevApi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3186. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3187. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
3188. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa266b0000 LB 0x0002a000 C:\WINDOWS\System32\DEVOBJ.dll [fFlags=0x0]
3189. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\devobj.dll
3190. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa226a0000 LB 0x00072000 C:\WINDOWS\System32\MMDevApi.dll [fFlags=0x0]
3191. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3192. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa226a0000 'C:\WINDOWS\System32\MMDevApi.dll'
3193. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f54 pwszName=\Device\HarddiskVolume2\Windows\System32\dsound.dll
3194. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
3195. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
3196. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=8184043CF3F3DF1E3CF96E74DBBF7D0836417373
3197. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3198. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3199. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.959.cat'; file='\Device\HarddiskVolume2\Windows\System32\dsound.dll'
3200. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3201. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3202. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'winmm.dll'.
3203. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\dsound.dll) WinVerifyTrust
3204. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\dsound.dll
3205. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3206. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3207. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
3208. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3209. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3210. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000002009:<flags> [calling]
3211. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3212. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa08cc0000 LB 0x00099000 C:\WINDOWS\System32\dsound.dll [fFlags=0x0]
3213. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3214. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3215. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3216. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa08cc0000 'C:\WINDOWS\System32\dsound.dll'
3217. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa08cc0000 'C:\WINDOWS\System32\dsound.dll'
3218. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3219. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3220. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa08cc0000 'C:\WINDOWS\system32\dsound.dll'
3221. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3222. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MMDEVAPI.DLL (Input=MMDEVAPI.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3223. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa226a0000 'C:\WINDOWS\System32\MMDEVAPI.DLL'
3224. 31b4.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3225. 31b4.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3226. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcp_win.dll'.
3227. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
3228. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'oleaut32.dll'.
3229. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'mmdevapi.dll'.
3230. 31b4.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\AudioSes.dll) WinVerifyTrust
3231. 31b4.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3232. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3233. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3234. 31b4.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3235. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
3236. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume2\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
3237. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3238. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3239. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp_win.dll'...
3240. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp_win.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcp_win.dll' [rcNtRedir=0xc0150008]
3241. 31b4.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcp_win.dll
3242. 31b4.15ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\AUDIOSES.DLL (Input=AUDIOSES.DLL, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3243. 31b4.15ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3244. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'combase.dll'.
3245. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
3246. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #32 'bcryptprimitives.dll'.
3247. 31b4.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\WinTypes.dll)
3248. 31b4.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\WinTypes.dll
3249. 31b4.15ac: supR3HardenedDllNotificationCallback: load 00007ffa22de0000 LB 0x00153000 C:\WINDOWS\SYSTEM32\wintypes.dll [fFlags=0x0]
3250. 31b4.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\WinTypes.dll [avoiding WinVerifyTrust]
3251. 31b4.15ac: supR3HardenedDllNotificationCallback: load 00007ffa03fb0000 LB 0x0015d000 C:\WINDOWS\System32\AUDIOSES.DLL [fFlags=0x0]
3252. 31b4.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\AudioSes.dll
3253. 31b4.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa03fb0000 'C:\WINDOWS\System32\AUDIOSES.DLL'
3254. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
3255. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
3256. 31b4.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\bcryptprimitives.dll
3257. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3258. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3259. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
3260. 31b4.15ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume2\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
3261. 31b4.15ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\combase.dll
3262. 31b4.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3263. 31b4.15ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3264. 31b4.15ac: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\WinTypes.dll'
3265. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3266. 31b4.15ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'rpcrt4.dll'.
3267. 31b4.15ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ResourcePolicyClient.dll)
3268. 31b4.15ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ResourcePolicyClient.dll
3269. 31b4.15ac: supR3HardenedDllNotificationCallback: load 00007ffa24e90000 LB 0x00014000 C:\WINDOWS\SYSTEM32\resourcepolicyclient.dll [fFlags=0x0]
3270. 31b4.15ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ResourcePolicyClient.dll [avoiding WinVerifyTrust]
3271. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3272. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3273. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3274. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3275. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3276. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3277. 31b4.1940: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ResourcePolicyClient.dll'
3278. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
3279. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\winmm.dll (Input=winmm.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3280. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\System32\winmm.dll'
3281. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fb8 pwszName=\Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3282. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
3283. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
3284. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=38EA8D6D625C6A0A9075DAE17FD33652FF8FC23A
3285. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3286. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3287. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.959.cat'; file='\Device\HarddiskVolume2\Windows\System32\wdmaud.drv'
3288. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3289. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3290. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mmdevapi.dll'.
3291. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #27 'ksuser.dll'.
3292. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'avrt.dll'.
3293. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\wdmaud.drv) WinVerifyTrust
3294. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3295. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'avrt.dll'...
3296. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'avrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\avrt.dll' [rcNtRedir=0xc0150008]
3297. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3298. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3299. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\avrt.dll) WinVerifyTrust
3300. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\avrt.dll
3301. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ksuser.dll'...
3302. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'ksuser.dll' -> '\Device\HarddiskVolume2\Windows\System32\ksuser.dll' [rcNtRedir=0xc0150008]
3303. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3304. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3305. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3306. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ksuser.dll) WinVerifyTrust
3307. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ksuser.dll
3308. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3309. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3310. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3311. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3312. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3313. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3314. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3315. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3316. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3317. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll
3318. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
3319. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9e7360000 LB 0x00009000 C:\WINDOWS\SYSTEM32\ksuser.dll [fFlags=0x0]
3320. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ksuser.dll
3321. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ffa1e090000 LB 0x0000a000 C:\WINDOWS\SYSTEM32\AVRT.dll [fFlags=0x0]
3322. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\avrt.dll
3323. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9e7370000 LB 0x00044000 C:\WINDOWS\System32\wdmaud.drv [fFlags=0x0]
3324. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3325. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7370000 'C:\WINDOWS\System32\wdmaud.drv'
3326. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3327. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3328. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7370000 'C:\WINDOWS\System32\wdmaud.drv'
3329. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3330. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3331. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7370000 'C:\WINDOWS\System32\wdmaud.drv'
3332. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3333. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3334. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7370000 'C:\WINDOWS\System32\wdmaud.drv'
3335. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\wdmaud.drv
3336. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\wdmaud.drv (Input=wdmaud.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3337. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7370000 'C:\WINDOWS\System32\wdmaud.drv'
3338. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001040 pwszName=\Device\HarddiskVolume2\Windows\System32\msacm32.drv
3339. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
3340. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
3341. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=763C5E89A8DA653902990733D245B99CC7C40BEA
3342. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3343. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3344. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.959.cat'; file='\Device\HarddiskVolume2\Windows\System32\msacm32.drv'
3345. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3346. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3347. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'mmdevapi.dll'.
3348. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msacm32.dll'.
3349. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'winmmbase.dll'.
3350. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.drv) WinVerifyTrust
3351. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3352. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
3353. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
3354. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmmbase.dll
3355. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msacm32.dll'...
3356. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msacm32.dll' -> '\Device\HarddiskVolume2\Windows\System32\msacm32.dll' [rcNtRedir=0xc0150008]
3357. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3358. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3359. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3360. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\msacm32.dll) WinVerifyTrust
3361. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3362. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mmdevapi.dll'...
3363. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'mmdevapi.dll' -> '\Device\HarddiskVolume2\Windows\System32\mmdevapi.dll' [rcNtRedir=0xc0150008]
3364. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\MMDevAPI.dll
3365. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3366. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3367. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3368. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3369. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3370. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3371. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3372. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9e6e10000 LB 0x0001c000 C:\WINDOWS\SYSTEM32\MSACM32.dll [fFlags=0x0]
3373. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.dll
3374. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9e7330000 LB 0x0000d000 C:\WINDOWS\System32\msacm32.drv [fFlags=0x0]
3375. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3376. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3377. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3378. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3379. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3380. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3381. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3382. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3383. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3384. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3385. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3386. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3387. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3388. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3389. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3390. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3391. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3392. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msacm32.drv
3393. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\msacm32.drv (Input=msacm32.drv, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3394. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3395. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3396. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3397. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7330000 'C:\WINDOWS\System32\msacm32.drv'
3398. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000fb0 pwszName=\Device\HarddiskVolume2\Windows\System32\midimap.dll
3399. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
3400. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
3401. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=EB34EC166C3F780657AB67E557E6C2E60C398D10
3402. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3403. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3404. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package~31bf3856ad364e35~amd64~~10.0.18362.959.cat'; file='\Device\HarddiskVolume2\Windows\System32\midimap.dll'
3405. 31b4.1940: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3406. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3407. 31b4.1940: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'winmm.dll'.
3408. 31b4.1940: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\midimap.dll) WinVerifyTrust
3409. 31b4.1940: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\midimap.dll
3410. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
3411. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume2\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
3412. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\winmm.dll
3413. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3414. 31b4.1940: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3415. 31b4.1940: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msvcrt.dll
3416. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3417. 31b4.1940: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3418. 31b4.1940: supR3HardenedDllNotificationCallback: load 00007ff9e7320000 LB 0x0000a000 C:\WINDOWS\System32\midimap.dll [fFlags=0x0]
3419. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3420. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7320000 'C:\WINDOWS\System32\midimap.dll'
3421. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3422. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3423. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7320000 'C:\WINDOWS\System32\midimap.dll'
3424. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3425. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3426. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7320000 'C:\WINDOWS\System32\midimap.dll'
3427. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\midimap.dll
3428. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\midimap.dll (Input=midimap.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000001001:<flags> [calling]
3429. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ff9e7320000 'C:\WINDOWS\System32\midimap.dll'
3430. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\System32\winmm.dll'
3431. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\System32\winmm.dll'
3432. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\System32\winmm.dll'
3433. 31b4.1940: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\dsound.dll
3434. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\dsound.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3435. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa08cc0000 'C:\WINDOWS\system32\dsound.dll'
3436. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\System32\winmm.dll'
3437. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\System32\winmm.dll'
3438. 31b4.1940: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa23640000 'C:\WINDOWS\System32\winmm.dll'
3439. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\msctf.dll
3440. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\System32\MSCTF.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
3441. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa28200000 'C:\WINDOWS\System32\MSCTF.dll'
3442. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3443. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'rpcrt4.dll'.
3444. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'coreuicomponents.dll'.
3445. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #20 'coremessaging.dll'.
3446. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\TextInputFramework.dll)
3447. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\TextInputFramework.dll
3448. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3449. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #35 'coremessaging.dll'.
3450. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #47 'shcore.dll'.
3451. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\CoreUIComponents.dll)
3452. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\CoreUIComponents.dll
3453. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3454. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll)
3455. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll
3456. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\ntmarta.dll)
3457. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\ntmarta.dll
3458. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa25a10000 LB 0x00031000 C:\WINDOWS\SYSTEM32\ntmarta.dll [fFlags=0x0]
3459. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\ntmarta.dll [avoiding WinVerifyTrust]
3460. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa24960000 LB 0x000d4000 C:\WINDOWS\System32\CoreMessaging.dll [fFlags=0x0]
3461. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll [avoiding WinVerifyTrust]
3462. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa1fe70000 LB 0x0032a000 C:\WINDOWS\System32\CoreUIComponents.dll [fFlags=0x0]
3463. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\CoreUIComponents.dll [avoiding WinVerifyTrust]
3464. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa202c0000 LB 0x0009e000 C:\WINDOWS\System32\TextInputFramework.dll [fFlags=0x0]
3465. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\TextInputFramework.dll [avoiding WinVerifyTrust]
3466. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3467. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3468. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shcore.dll'...
3469. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'shcore.dll' -> '\Device\HarddiskVolume2\Windows\System32\shcore.dll' [rcNtRedir=0xc0150008]
3470. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\SHCore.dll
3471. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
3472. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume2\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
3473. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
3474. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3475. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3476. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coremessaging.dll'...
3477. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coremessaging.dll' -> '\Device\HarddiskVolume2\Windows\System32\coremessaging.dll' [rcNtRedir=0xc0150008]
3478. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll [lacks WinVerifyTrust]
3479. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'coreuicomponents.dll'...
3480. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'coreuicomponents.dll' -> '\Device\HarddiskVolume2\Windows\System32\coreuicomponents.dll' [rcNtRedir=0xc0150008]
3481. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\CoreUIComponents.dll [lacks WinVerifyTrust]
3482. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3483. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume2\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3484. 31b4.1be4: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\rpcrt4.dll
3485. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3486. 31b4.1be4: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume2\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3487. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3488. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3489. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\ntmarta.dll'
3490. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3491. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3492. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\CoreMessaging.dll'
3493. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3494. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3495. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\CoreUIComponents.dll'
3496. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3497. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3498. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\TextInputFramework.dll'
3499. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
3500. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
3501. 31b4.30a8: '\Device\HarddiskVolume2\Windows\System32\tzres.dll' has no imports
3502. 31b4.30a8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume2\Windows\System32\tzres.dll)
3503. 31b4.30a8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\tzres.dll
3504. 31b4.30a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001174 (hFile=0000000000001160) with 0xc0000022 -> STATUS_TRUST_FAILURE
3505. 31b4.30a8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume2\Windows\System32\tzres.dll [avoiding WinVerifyTrust]
3506. 31b4.30a8: supR3HardenedMonitor_NtCreateSection: NtMapViewOfSection failed on 0000000000001160 (hFile=0000000000001174) with 0xc0000022 -> STATUS_TRUST_FAILURE
3507. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001170 pwszName=\Device\HarddiskVolume2\Windows\System32\tzres.dll
3508. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000e791e0
3509. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000e791e0
3510. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=88837B0A9EBB242B4E4FB904A333C960EF93AE6F
3511. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa25c30000 'C:\WINDOWS\system32\rsaenh.dll'
3512. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27970000 'C:\WINDOWS\System32\crypt32.dll'
3513. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\WINDOWS\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0416~31bf3856ad364e35~amd64~~10.0.18362.900.cat'; file='\Device\HarddiskVolume2\Windows\System32\tzres.dll'
3514. 31b4.1be4: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3515. 31b4.1be4: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume2\Windows\System32\tzres.dll'
3516. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
3517. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
3518. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
3519. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\shell32.dll
3520. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=C:\WINDOWS\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3521. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
3522. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
3523. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa27af0000 'C:\WINDOWS\system32\shell32.dll'
3524. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll) -> 0x0, fPresent=1
3525. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3526. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29270000 'ext-ms-win-rtcore-ntuser-window-ext-l1-1-0.dll'
3527. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll) -> 0x0, fPresent=1
3528. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3529. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa29270000 'ext-ms-win-rtcore-ntuser-integration-l1-1-0.dll'
3530. 31b4.1be4: supR3HardenedIsApiSetDll: ApiSetQueryApiSetPresence(api-ms-win-core-com-l1-1-0.dll) -> 0x0, fPresent=1
3531. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-com-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3532. 31b4.1be4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007ffa283b0000 'api-ms-win-core-com-l1-1-0.dll'
3533. 31b4.1be4: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3534. 31b4.1be4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume2\Windows\System32\iertutil.dll)
3535. 31b4.1be4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume2\Windows\System32\iertutil.dll
3536. 31b4.1be4: supR3HardenedDllNotificationCallback: load 00007ffa1ea60000 LB 0x002a6000 C:\WINDOWS\System32\iertutil.dll [fFlags=0x0]
3537. 31b4.1be4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume2\Windows\System32\iertutil.dll [avoiding WinVerifyTrust]
3538.