Ticket #14556: VBoxStartup.log

File VBoxStartup.log, 326.9 KB (added by TronID, 9 years ago)

Line
1	1dcc.1798: Log file opened: 5.0.2r102096 g_hStartupLog=0000000000000018 g_uNtVerCombined=0x63258000
2	1dcc.1798: \SystemRoot\System32\ntdll.dll:
3	1dcc.1798: CreationTime: 2014-03-18T10:14:36.739928900Z
4	1dcc.1798: LastWriteTime: 2014-03-18T10:14:36.943083200Z
5	1dcc.1798: ChangeTime: 2015-08-19T07:06:29.144737500Z
6	1dcc.1798: FileAttributes: 0x20
7	1dcc.1798: Size: 0x1a5d10
8	1dcc.1798: NT Headers: 0xe8
9	1dcc.1798: Timestamp: 0x530895af
10	1dcc.1798: Machine: 0x8664 - amd64
11	1dcc.1798: Timestamp: 0x530895af
12	1dcc.1798: Image Version: 6.3
13	1dcc.1798: SizeOfImage: 0x1aa000 (1744896)
14	1dcc.1798: Resource Dir: 0x145000 LB 0x62450
15	1dcc.1798: ProductName: Microsoft® Windows® Operating System
16	1dcc.1798: ProductVersion: 6.3.9600.17031
17	1dcc.1798: FileVersion: 6.3.9600.17031 (winblue_gdr.140221-1952)
18	1dcc.1798: FileDescription: NT Layer DLL
19	1dcc.1798: \SystemRoot\System32\kernel32.dll:
20	1dcc.1798: CreationTime: 2014-05-15T02:05:12.262422000Z
21	1dcc.1798: LastWriteTime: 2014-05-15T02:05:12.264422100Z
22	1dcc.1798: ChangeTime: 2015-08-27T15:32:12.520359400Z
23	1dcc.1798: FileAttributes: 0x20
24	1dcc.1798: Size: 0x13b3c0
25	1dcc.1798: NT Headers: 0xe8
26	1dcc.1798: Timestamp: 0x532a419c
27	1dcc.1798: Machine: 0x8664 - amd64
28	1dcc.1798: Timestamp: 0x532a419c
29	1dcc.1798: Image Version: 6.3
30	1dcc.1798: SizeOfImage: 0x13a000 (1286144)
31	1dcc.1798: Resource Dir: 0x12a000 LB 0x520
32	1dcc.1798: ProductName: Microsoft® Windows® Operating System
33	1dcc.1798: ProductVersion: 6.3.9600.17056
34	1dcc.1798: FileVersion: 6.3.9600.17056 (winblue_gdr.140319-1520)
35	1dcc.1798: FileDescription: Windows NT BASE API Client DLL
36	1dcc.1798: \SystemRoot\System32\KernelBase.dll:
37	1dcc.1798: CreationTime: 2014-05-15T02:05:12.106301200Z
38	1dcc.1798: LastWriteTime: 2014-05-15T02:05:12.107301500Z
39	1dcc.1798: ChangeTime: 2015-08-27T15:33:18.448366100Z
40	1dcc.1798: FileAttributes: 0x20
41	1dcc.1798: Size: 0x10f9d8
42	1dcc.1798: NT Headers: 0xf0
43	1dcc.1798: Timestamp: 0x532954fb
44	1dcc.1798: Machine: 0x8664 - amd64
45	1dcc.1798: Timestamp: 0x532954fb
46	1dcc.1798: Image Version: 6.3
47	1dcc.1798: SizeOfImage: 0x10f000 (1110016)
48	1dcc.1798: Resource Dir: 0x10a000 LB 0x3530
49	1dcc.1798: ProductName: Microsoft® Windows® Operating System
50	1dcc.1798: ProductVersion: 6.3.9600.17055
51	1dcc.1798: FileVersion: 6.3.9600.17055 (winblue_gdr.140318-1651)
52	1dcc.1798: FileDescription: Windows NT BASE API Client DLL
53	1dcc.1798: \SystemRoot\System32\apisetschema.dll:
54	1dcc.1798: CreationTime: 2013-08-22T12:13:09.745625900Z
55	1dcc.1798: LastWriteTime: 2013-08-22T12:35:12.091034400Z
56	1dcc.1798: ChangeTime: 2015-08-19T18:20:31.227258500Z
57	1dcc.1798: FileAttributes: 0x20
58	1dcc.1798: Size: 0x11360
59	1dcc.1798: NT Headers: 0xd0
60	1dcc.1798: Timestamp: 0x52160049
61	1dcc.1798: Machine: 0x8664 - amd64
62	1dcc.1798: Timestamp: 0x52160049
63	1dcc.1798: Image Version: 6.3
64	1dcc.1798: SizeOfImage: 0x13000 (77824)
65	1dcc.1798: Resource Dir: 0x11000 LB 0x3f8
66	1dcc.1798: ProductName: Microsoft® Windows® Operating System
67	1dcc.1798: ProductVersion: 6.3.9600.16384
68	1dcc.1798: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623)
69	1dcc.1798: FileDescription: ApiSet Schema DLL
70	1dcc.1798: NtOpenDirectoryObject failed on \Driver: 0xc0000022
71	1dcc.1798: supR3HardenedWinFindAdversaries: 0x100
72	1dcc.1798: \SystemRoot\System32\drivers\avgrkx64.sys:
73	1dcc.1798: CreationTime: 2015-03-20T05:18:18.000000000Z
74	1dcc.1798: LastWriteTime: 2015-03-20T05:18:18.000000000Z
75	1dcc.1798: ChangeTime: 2015-08-19T04:34:54.848403100Z
76	1dcc.1798: FileAttributes: 0x20
77	1dcc.1798: Size: 0x9fe0
78	1dcc.1798: NT Headers: 0xe8
79	1dcc.1798: Timestamp: 0x550bf3e7
80	1dcc.1798: Machine: 0x8664 - amd64
81	1dcc.1798: Timestamp: 0x550bf3e7
82	1dcc.1798: Image Version: 6.2
83	1dcc.1798: SizeOfImage: 0xa000 (40960)
84	1dcc.1798: Resource Dir: 0x9000 LB 0x510
85	1dcc.1798: ProductName: AVG Internet Security
86	1dcc.1798: ProductVersion: 15.0.0.5908
87	1dcc.1798: FileVersion: 15.0.0.5908
88	1dcc.1798: SpecialBuild: AvCompile_2015_0320_111532(5908), SVNRev 18c4578e1c294cb8006a179b834157155925d4af (release/SmallUpdate2015-04_beta), av
89	1dcc.1798: PrivateBuild: x64 Release_Unicode_DRIVER
90	1dcc.1798: FileDescription: AVG Anti-Rootkit Driver
91	1dcc.1798: \SystemRoot\System32\drivers\avgmfx64.sys:
92	1dcc.1798: CreationTime: 2015-08-04T04:32:32.000000000Z
93	1dcc.1798: LastWriteTime: 2015-08-04T04:32:32.000000000Z
94	1dcc.1798: ChangeTime: 2015-08-27T14:54:10.509488100Z
95	1dcc.1798: FileAttributes: 0x20
96	1dcc.1798: Size: 0x3d3b0
97	1dcc.1798: NT Headers: 0xe0
98	1dcc.1798: Timestamp: 0x55c086ac
99	1dcc.1798: Machine: 0x8664 - amd64
100	1dcc.1798: Timestamp: 0x55c086ac
101	1dcc.1798: Image Version: 6.2
102	1dcc.1798: SizeOfImage: 0x3e000 (253952)
103	1dcc.1798: Resource Dir: 0x3c000 LB 0x52c
104	1dcc.1798: ProductName: AVG Internet Security
105	1dcc.1798: ProductVersion: 15.0.0.6132
106	1dcc.1798: FileVersion: 15.0.0.6132
107	1dcc.1798: SpecialBuild: AvCompile_2015_0804_112815(6132), SVNRev cbac1c769cb9b6888db1f1065b4133bf3c9ce40f (release/SmallUpdate2015-08_beta), av
108	1dcc.1798: PrivateBuild: x64 Release_Unicode_DRIVER
109	1dcc.1798: FileDescription: AVG Resident Shield Minifilter Driver
110	1dcc.1798: \SystemRoot\System32\drivers\avgidsdrivera.sys:
111	1dcc.1798: CreationTime: 2015-08-19T04:52:30.000000000Z
112	1dcc.1798: LastWriteTime: 2015-08-19T04:52:30.000000000Z
113	1dcc.1798: ChangeTime: 2015-08-27T14:54:13.654218400Z
114	1dcc.1798: FileAttributes: 0x20
115	1dcc.1798: Size: 0x4c7b0
116	1dcc.1798: NT Headers: 0xe8
117	1dcc.1798: Timestamp: 0x55d451da
118	1dcc.1798: Machine: 0x8664 - amd64
119	1dcc.1798: Timestamp: 0x55d451da
120	1dcc.1798: Image Version: 6.2
121	1dcc.1798: SizeOfImage: 0x53000 (339968)
122	1dcc.1798: Resource Dir: 0x51000 LB 0x554
123	1dcc.1798: ProductName: AVG Internet Security
124	1dcc.1798: ProductVersion: 15.0.0.6137
125	1dcc.1798: FileVersion: 15.0.0.6137
126	1dcc.1798: SpecialBuild: AvCompile_2015_0819_113418(6137), SVNRev 7ade868631072664eb184732ae422a4307e58f68 (release/SmallUpdate2015-08_release), av
127	1dcc.1798: PrivateBuild: x64 Release_Unicode_DRIVER
128	1dcc.1798: FileDescription: AVG IDS Application Activity Monitor Driver.
129	1dcc.1798: \SystemRoot\System32\drivers\avgidsha.sys:
130	1dcc.1798: CreationTime: 2015-08-19T04:53:56.000000000Z
131	1dcc.1798: LastWriteTime: 2015-08-19T04:53:56.000000000Z
132	1dcc.1798: ChangeTime: 2015-08-27T14:54:13.507210600Z
133	1dcc.1798: FileAttributes: 0x20
134	1dcc.1798: Size: 0x48bb0
135	1dcc.1798: NT Headers: 0xd8
136	1dcc.1798: Timestamp: 0x55d45230
137	1dcc.1798: Machine: 0x8664 - amd64
138	1dcc.1798: Timestamp: 0x55d45230
139	1dcc.1798: Image Version: 6.2
140	1dcc.1798: SizeOfImage: 0x49000 (299008)
141	1dcc.1798: Resource Dir: 0x47000 LB 0x548
142	1dcc.1798: ProductName: AVG Internet Security
143	1dcc.1798: ProductVersion: 15.0.0.6137
144	1dcc.1798: FileVersion: 15.0.0.6137
145	1dcc.1798: SpecialBuild: AvCompile_2015_0819_113418(6137), SVNRev 7ade868631072664eb184732ae422a4307e58f68 (release/SmallUpdate2015-08_release), av
146	1dcc.1798: PrivateBuild: x64 Release_Unicode_DRIVER
147	1dcc.1798: FileDescription: AVG Application Activity Monitor Helper Driver
148	1dcc.1798: \SystemRoot\System32\drivers\avgloga.sys:
149	1dcc.1798: CreationTime: 2015-05-07T06:50:22.000000000Z
150	1dcc.1798: LastWriteTime: 2015-05-07T06:50:22.000000000Z
151	1dcc.1798: ChangeTime: 2015-08-19T04:34:46.033632900Z
152	1dcc.1798: FileAttributes: 0x20
153	1dcc.1798: Size: 0x5c5e0
154	1dcc.1798: NT Headers: 0xf0
155	1dcc.1798: Timestamp: 0x554b5179
156	1dcc.1798: Machine: 0x8664 - amd64
157	1dcc.1798: Timestamp: 0x554b5179
158	1dcc.1798: Image Version: 6.2
159	1dcc.1798: SizeOfImage: 0x5b000 (372736)
160	1dcc.1798: Resource Dir: 0x59000 LB 0x4ec
161	1dcc.1798: ProductName: AVG Internet Security
162	1dcc.1798: ProductVersion: 15.0.0.5957
163	1dcc.1798: FileVersion: 15.0.0.5957
164	1dcc.1798: SpecialBuild: AvCompile_2015_0507_134328(5957), SVNRev bcddc515e1405c8e35481b16de334020e451ec3e (release/HotFix2015-05), av
165	1dcc.1798: PrivateBuild: x64 Release_Unicode_DRIVER
166	1dcc.1798: FileDescription: AVG Logging Driver
167	1dcc.1798: \SystemRoot\System32\drivers\avgldx64.sys:
168	1dcc.1798: CreationTime: 2015-06-16T08:55:04.000000000Z
169	1dcc.1798: LastWriteTime: 2015-06-16T08:55:04.000000000Z
170	1dcc.1798: ChangeTime: 2015-08-19T04:34:54.973401800Z
171	1dcc.1798: FileAttributes: 0x20
172	1dcc.1798: Size: 0x3f3e0
173	1dcc.1798: NT Headers: 0xe0
174	1dcc.1798: Timestamp: 0x55802aaf
175	1dcc.1798: Machine: 0x8664 - amd64
176	1dcc.1798: Timestamp: 0x55802aaf
177	1dcc.1798: Image Version: 6.2
178	1dcc.1798: SizeOfImage: 0x42000 (270336)
179	1dcc.1798: Resource Dir: 0x40000 LB 0x50c
180	1dcc.1798: ProductName: AVG Internet Security
181	1dcc.1798: ProductVersion: 15.0.0.6055
182	1dcc.1798: FileVersion: 15.0.0.6055
183	1dcc.1798: SpecialBuild: AvCompile_2015_0616_154836(6055), SVNRev 309d50c06d2885375935ac1c0a79cdb255cb7045 (release/SmallUpdate2015-06_beta), av
184	1dcc.1798: PrivateBuild: x64 Release_Unicode_DRIVER
185	1dcc.1798: FileDescription: AVG AVI Loader Driver
186	1dcc.1798: \SystemRoot\System32\drivers\avgdiska.sys:
187	1dcc.1798: CreationTime: 2015-03-11T05:16:06.000000000Z
188	1dcc.1798: LastWriteTime: 2015-03-11T05:16:06.000000000Z
189	1dcc.1798: ChangeTime: 2015-08-19T04:34:57.366208700Z
190	1dcc.1798: FileAttributes: 0x20
191	1dcc.1798: Size: 0x27be0
192	1dcc.1798: NT Headers: 0xe0
193	1dcc.1798: Timestamp: 0x550015e3
194	1dcc.1798: Machine: 0x8664 - amd64
195	1dcc.1798: Timestamp: 0x550015e3
196	1dcc.1798: Image Version: 6.2
197	1dcc.1798: SizeOfImage: 0x29000 (167936)
198	1dcc.1798: Resource Dir: 0x27000 LB 0x4e0
199	1dcc.1798: ProductName: AVG Internet Security
200	1dcc.1798: ProductVersion: 15.0.0.5902
201	1dcc.1798: FileVersion: 15.0.0.5902
202	1dcc.1798: SpecialBuild: AvCompile_2015_0311_110513(5902), SVNRev d57888a6d0541615b2b2c643813a0b67abc3acba (av/devel), av
203	1dcc.1798: PrivateBuild: x64 Release_Unicode_DRIVER
204	1dcc.1798: FileDescription: AVG File Vault Driver
205	1dcc.1798: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
206	1dcc.1798: Calling main()
207	1dcc.1798: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
208	1dcc.1798: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
209	1dcc.1798: SUPR3HardenedMain: Respawn #1
210	1dcc.1798: System32: \Device\HarddiskVolume4\Windows\System32
211	1dcc.1798: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
212	1dcc.1798: KnownDllPath: C:\Windows\system32
213	1dcc.1798: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
214	1dcc.1798: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
215	1dcc.1798: supR3HardNtEnableThreadCreation:
216	1dcc.1798: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fffe9de6a4c pvNtTerminateThread=00007fffe9e2b0b0
217	1dcc.1798: supR3HardenedWinDoReSpawn(1): New child c8c.ec4 [kernel32].
218	1dcc.1798: supR3HardNtChildGatherData: PebBaseAddress=00007ff7cedfb000 cbPeb=0x388
219	1dcc.1798: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fffe9d90000 uNtDllChildAddr=00007fffe9d90000
220	1dcc.1798: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fffe9de6a4c
221	1dcc.1798: supR3HardenedWinSetupChildInit: Start child.
222	1dcc.1798: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
223	1dcc.1798: supR3HardNtChildPurify: Startup delay kludge #1/0: 513 ms, 58 sleeps
224	1dcc.1798: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
225	1dcc.1798: *0000000000000000-ffffffffffc9ffff 0x0001/0x0000 0x0000000
226	1dcc.1798: *0000000000360000-000000000033ffff 0x0004/0x0004 0x0020000
227	1dcc.1798: *0000000000380000-0000000000370fff 0x0002/0x0002 0x0040000
228	1dcc.1798: 000000000038f000-000000000038dfff 0x0001/0x0000 0x0000000
229	1dcc.1798: *0000000000390000-0000000000293fff 0x0000/0x0004 0x0020000
230	1dcc.1798: 000000000048c000-0000000000488fff 0x0104/0x0004 0x0020000
231	1dcc.1798: 000000000048f000-000000000048dfff 0x0004/0x0004 0x0020000
232	1dcc.1798: *0000000000490000-000000000048bfff 0x0002/0x0002 0x0040000
233	1dcc.1798: 0000000000494000-0000000000487fff 0x0001/0x0000 0x0000000
234	1dcc.1798: *00000000004a0000-000000000049dfff 0x0004/0x0004 0x0020000
235	1dcc.1798: 00000000004a2000-ffffffff80963fff 0x0001/0x0000 0x0000000
236	1dcc.1798: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
237	1dcc.1798: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
238	1dcc.1798: 000000007fff0000-ffff80093120ffff 0x0001/0x0000 0x0000000
239	1dcc.1798: *00007ff7cedd0000-00007ff7cedacfff 0x0002/0x0002 0x0040000
240	1dcc.1798: 00007ff7cedf3000-00007ff7cedeafff 0x0001/0x0000 0x0000000
241	1dcc.1798: *00007ff7cedfb000-00007ff7cedf9fff 0x0004/0x0004 0x0020000
242	1dcc.1798: 00007ff7cedfc000-00007ff7cedf9fff 0x0001/0x0000 0x0000000
243	1dcc.1798: *00007ff7cedfe000-00007ff7cedfbfff 0x0004/0x0004 0x0020000
244	1dcc.1798: 00007ff7cee00000-00007ff7ce39ffff 0x0001/0x0000 0x0000000
245	1dcc.1798: *00007ff7cf860000-00007ff7cf860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
246	1dcc.1798: 00007ff7cf861000-00007ff7cf8e6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
247	1dcc.1798: 00007ff7cf8e7000-00007ff7cf8e7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
248	1dcc.1798: 00007ff7cf8e8000-00007ff7cf931fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
249	1dcc.1798: 00007ff7cf932000-00007ff7cf932fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
250	1dcc.1798: 00007ff7cf933000-00007ff7cf933fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
251	1dcc.1798: 00007ff7cf934000-00007ff7cf935fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
252	1dcc.1798: 00007ff7cf936000-00007ff7cf936fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
253	1dcc.1798: 00007ff7cf937000-00007ff7cf937fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
254	1dcc.1798: 00007ff7cf938000-00007ff7cf93bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
255	1dcc.1798: 00007ff7cf93c000-00007ff7cf985fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
256	1dcc.1798: 00007ff7cf986000-00007fefb557bfff 0x0001/0x0000 0x0000000
257	1dcc.1798: *00007fffe9d90000-00007fffe9d90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
258	1dcc.1798: 00007fffe9d91000-00007fffe9eb9fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
259	1dcc.1798: 00007fffe9eba000-00007fffe9ec2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
260	1dcc.1798: 00007fffe9ec3000-00007fffe9ecffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
261	1dcc.1798: 00007fffe9ed0000-00007fffe9ed0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
262	1dcc.1798: 00007fffe9ed1000-00007fffe9ed1fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
263	1dcc.1798: 00007fffe9ed2000-00007fffe9f39fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
264	1dcc.1798: 00007fffe9f3a000-00007fffd3e93fff 0x0001/0x0000 0x0000000
265	1dcc.1798: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
266	1dcc.1798: VirtualBox.exe: timestamp 0x55ccc4d5 (rc=VINF_SUCCESS)
267	1dcc.1798: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
268	1dcc.1798: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
269	1dcc.1798: supR3HardNtChildPurify: Done after 572 ms and 0 fixes (loop #0).
270	c8c.ec4: Log file opened: 5.0.2r102096 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000
271	c8c.ec4: supR3HardenedVmProcessInit: uNtDllAddr=00007fffe9d90000
272	c8c.ec4: ntdll.dll: timestamp 0x530895af (rc=VINF_SUCCESS)
273	c8c.ec4: New simple heap: #1 00000000005b0000 LB 0x400000 (for 1744896 allocation)
274	1dcc.1798: supR3HardNtEnableThreadCreation:
275	c8c.ec4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
276	c8c.ec4: System32: \Device\HarddiskVolume4\Windows\System32
277	c8c.ec4: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
278	c8c.ec4: KnownDllPath: C:\Windows\system32
279	c8c.ec4: supR3HardenedVmProcessInit: Opening vboxdrv stub...
280	c8c.ec4: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
281	c8c.ec4: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
282	c8c.ec4: Registered Dll notification callback with NTDLL.
283	c8c.ec4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
284	c8c.ec4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
285	c8c.ec4: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
286	c8c.ec4: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
287	c8c.ec4: supR3HardenedDllNotificationCallback: load 00007fffe5ec0000 LB 0x0010f000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
288	c8c.ec4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
289	c8c.ec4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
290	c8c.ec4: supR3HardenedDllNotificationCallback: load 00007fffe6f30000 LB 0x0013a000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
291	c8c.ec4: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
292	c8c.ec4: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6f30000 'C:\Windows\system32\KERNEL32.DLL'
293	c8c.ec4: supR3HardenedDllNotificationCallback: load 00007ff7cf860000 LB 0x00126000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
294	c8c.ec4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
295	c8c.ec4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
296	c8c.ec4: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
297	c8c.ec4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fffe9de6a4c pvNtTerminateThread=00007fffe9e2b0b0
298	1dcc.1798: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 124 ms.
299	c8c.ec4: \SystemRoot\System32\ntdll.dll:
300	c8c.ec4: CreationTime: 2014-03-18T10:14:36.739928900Z
301	c8c.ec4: LastWriteTime: 2014-03-18T10:14:36.943083200Z
302	c8c.ec4: ChangeTime: 2015-08-19T07:06:29.144737500Z
303	c8c.ec4: FileAttributes: 0x20
304	c8c.ec4: Size: 0x1a5d10
305	c8c.ec4: NT Headers: 0xe8
306	c8c.ec4: Timestamp: 0x530895af
307	c8c.ec4: Machine: 0x8664 - amd64
308	c8c.ec4: Timestamp: 0x530895af
309	c8c.ec4: Image Version: 6.3
310	c8c.ec4: SizeOfImage: 0x1aa000 (1744896)
311	c8c.ec4: Resource Dir: 0x145000 LB 0x62450
312	c8c.ec4: ProductName: Microsoft® Windows® Operating System
313	c8c.ec4: ProductVersion: 6.3.9600.17031
314	c8c.ec4: FileVersion: 6.3.9600.17031 (winblue_gdr.140221-1952)
315	c8c.ec4: FileDescription: NT Layer DLL
316	c8c.ec4: \SystemRoot\System32\kernel32.dll:
317	c8c.ec4: CreationTime: 2014-05-15T02:05:12.262422000Z
318	c8c.ec4: LastWriteTime: 2014-05-15T02:05:12.264422100Z
319	c8c.ec4: ChangeTime: 2015-08-27T15:32:12.520359400Z
320	c8c.ec4: FileAttributes: 0x20
321	c8c.ec4: Size: 0x13b3c0
322	c8c.ec4: NT Headers: 0xe8
323	c8c.ec4: Timestamp: 0x532a419c
324	c8c.ec4: Machine: 0x8664 - amd64
325	c8c.ec4: Timestamp: 0x532a419c
326	c8c.ec4: Image Version: 6.3
327	c8c.ec4: SizeOfImage: 0x13a000 (1286144)
328	c8c.ec4: Resource Dir: 0x12a000 LB 0x520
329	c8c.ec4: ProductName: Microsoft® Windows® Operating System
330	c8c.ec4: ProductVersion: 6.3.9600.17056
331	c8c.ec4: FileVersion: 6.3.9600.17056 (winblue_gdr.140319-1520)
332	c8c.ec4: FileDescription: Windows NT BASE API Client DLL
333	c8c.ec4: \SystemRoot\System32\KernelBase.dll:
334	c8c.ec4: CreationTime: 2014-05-15T02:05:12.106301200Z
335	c8c.ec4: LastWriteTime: 2014-05-15T02:05:12.107301500Z
336	c8c.ec4: ChangeTime: 2015-08-27T15:33:18.448366100Z
337	c8c.ec4: FileAttributes: 0x20
338	c8c.ec4: Size: 0x10f9d8
339	c8c.ec4: NT Headers: 0xf0
340	c8c.ec4: Timestamp: 0x532954fb
341	c8c.ec4: Machine: 0x8664 - amd64
342	c8c.ec4: Timestamp: 0x532954fb
343	c8c.ec4: Image Version: 6.3
344	c8c.ec4: SizeOfImage: 0x10f000 (1110016)
345	c8c.ec4: Resource Dir: 0x10a000 LB 0x3530
346	c8c.ec4: ProductName: Microsoft® Windows® Operating System
347	c8c.ec4: ProductVersion: 6.3.9600.17055
348	c8c.ec4: FileVersion: 6.3.9600.17055 (winblue_gdr.140318-1651)
349	c8c.ec4: FileDescription: Windows NT BASE API Client DLL
350	c8c.ec4: \SystemRoot\System32\apisetschema.dll:
351	c8c.ec4: CreationTime: 2013-08-22T12:13:09.745625900Z
352	c8c.ec4: LastWriteTime: 2013-08-22T12:35:12.091034400Z
353	c8c.ec4: ChangeTime: 2015-08-19T18:20:31.227258500Z
354	c8c.ec4: FileAttributes: 0x20
355	c8c.ec4: Size: 0x11360
356	c8c.ec4: NT Headers: 0xd0
357	c8c.ec4: Timestamp: 0x52160049
358	c8c.ec4: Machine: 0x8664 - amd64
359	c8c.ec4: Timestamp: 0x52160049
360	c8c.ec4: Image Version: 6.3
361	c8c.ec4: SizeOfImage: 0x13000 (77824)
362	c8c.ec4: Resource Dir: 0x11000 LB 0x3f8
363	c8c.ec4: ProductName: Microsoft® Windows® Operating System
364	c8c.ec4: ProductVersion: 6.3.9600.16384
365	c8c.ec4: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623)
366	c8c.ec4: FileDescription: ApiSet Schema DLL
367	c8c.ec4: NtOpenDirectoryObject failed on \Driver: 0xc0000022
368	c8c.ec4: supR3HardenedWinFindAdversaries: 0x100
369	c8c.ec4: \SystemRoot\System32\drivers\avgrkx64.sys:
370	c8c.ec4: CreationTime: 2015-03-20T05:18:18.000000000Z
371	c8c.ec4: LastWriteTime: 2015-03-20T05:18:18.000000000Z
372	c8c.ec4: ChangeTime: 2015-08-19T04:34:54.848403100Z
373	c8c.ec4: FileAttributes: 0x20
374	c8c.ec4: Size: 0x9fe0
375	c8c.ec4: NT Headers: 0xe8
376	c8c.ec4: Timestamp: 0x550bf3e7
377	c8c.ec4: Machine: 0x8664 - amd64
378	c8c.ec4: Timestamp: 0x550bf3e7
379	c8c.ec4: Image Version: 6.2
380	c8c.ec4: SizeOfImage: 0xa000 (40960)
381	c8c.ec4: Resource Dir: 0x9000 LB 0x510
382	c8c.ec4: ProductName: AVG Internet Security
383	c8c.ec4: ProductVersion: 15.0.0.5908
384	c8c.ec4: FileVersion: 15.0.0.5908
385	c8c.ec4: SpecialBuild: AvCompile_2015_0320_111532(5908), SVNRev 18c4578e1c294cb8006a179b834157155925d4af (release/SmallUpdate2015-04_beta), av
386	c8c.ec4: PrivateBuild: x64 Release_Unicode_DRIVER
387	c8c.ec4: FileDescription: AVG Anti-Rootkit Driver
388	c8c.ec4: \SystemRoot\System32\drivers\avgmfx64.sys:
389	c8c.ec4: CreationTime: 2015-08-04T04:32:32.000000000Z
390	c8c.ec4: LastWriteTime: 2015-08-04T04:32:32.000000000Z
391	c8c.ec4: ChangeTime: 2015-08-27T14:54:10.509488100Z
392	c8c.ec4: FileAttributes: 0x20
393	c8c.ec4: Size: 0x3d3b0
394	c8c.ec4: NT Headers: 0xe0
395	c8c.ec4: Timestamp: 0x55c086ac
396	c8c.ec4: Machine: 0x8664 - amd64
397	c8c.ec4: Timestamp: 0x55c086ac
398	c8c.ec4: Image Version: 6.2
399	c8c.ec4: SizeOfImage: 0x3e000 (253952)
400	c8c.ec4: Resource Dir: 0x3c000 LB 0x52c
401	c8c.ec4: ProductName: AVG Internet Security
402	c8c.ec4: ProductVersion: 15.0.0.6132
403	c8c.ec4: FileVersion: 15.0.0.6132
404	c8c.ec4: SpecialBuild: AvCompile_2015_0804_112815(6132), SVNRev cbac1c769cb9b6888db1f1065b4133bf3c9ce40f (release/SmallUpdate2015-08_beta), av
405	c8c.ec4: PrivateBuild: x64 Release_Unicode_DRIVER
406	c8c.ec4: FileDescription: AVG Resident Shield Minifilter Driver
407	c8c.ec4: \SystemRoot\System32\drivers\avgidsdrivera.sys:
408	c8c.ec4: CreationTime: 2015-08-19T04:52:30.000000000Z
409	c8c.ec4: LastWriteTime: 2015-08-19T04:52:30.000000000Z
410	c8c.ec4: ChangeTime: 2015-08-27T14:54:13.654218400Z
411	c8c.ec4: FileAttributes: 0x20
412	c8c.ec4: Size: 0x4c7b0
413	c8c.ec4: NT Headers: 0xe8
414	c8c.ec4: Timestamp: 0x55d451da
415	c8c.ec4: Machine: 0x8664 - amd64
416	c8c.ec4: Timestamp: 0x55d451da
417	c8c.ec4: Image Version: 6.2
418	c8c.ec4: SizeOfImage: 0x53000 (339968)
419	c8c.ec4: Resource Dir: 0x51000 LB 0x554
420	c8c.ec4: ProductName: AVG Internet Security
421	c8c.ec4: ProductVersion: 15.0.0.6137
422	c8c.ec4: FileVersion: 15.0.0.6137
423	c8c.ec4: SpecialBuild: AvCompile_2015_0819_113418(6137), SVNRev 7ade868631072664eb184732ae422a4307e58f68 (release/SmallUpdate2015-08_release), av
424	c8c.ec4: PrivateBuild: x64 Release_Unicode_DRIVER
425	c8c.ec4: FileDescription: AVG IDS Application Activity Monitor Driver.
426	c8c.ec4: \SystemRoot\System32\drivers\avgidsha.sys:
427	c8c.ec4: CreationTime: 2015-08-19T04:53:56.000000000Z
428	c8c.ec4: LastWriteTime: 2015-08-19T04:53:56.000000000Z
429	c8c.ec4: ChangeTime: 2015-08-27T14:54:13.507210600Z
430	c8c.ec4: FileAttributes: 0x20
431	c8c.ec4: Size: 0x48bb0
432	c8c.ec4: NT Headers: 0xd8
433	c8c.ec4: Timestamp: 0x55d45230
434	c8c.ec4: Machine: 0x8664 - amd64
435	c8c.ec4: Timestamp: 0x55d45230
436	c8c.ec4: Image Version: 6.2
437	c8c.ec4: SizeOfImage: 0x49000 (299008)
438	c8c.ec4: Resource Dir: 0x47000 LB 0x548
439	c8c.ec4: ProductName: AVG Internet Security
440	c8c.ec4: ProductVersion: 15.0.0.6137
441	c8c.ec4: FileVersion: 15.0.0.6137
442	c8c.ec4: SpecialBuild: AvCompile_2015_0819_113418(6137), SVNRev 7ade868631072664eb184732ae422a4307e58f68 (release/SmallUpdate2015-08_release), av
443	c8c.ec4: PrivateBuild: x64 Release_Unicode_DRIVER
444	c8c.ec4: FileDescription: AVG Application Activity Monitor Helper Driver
445	c8c.ec4: \SystemRoot\System32\drivers\avgloga.sys:
446	c8c.ec4: CreationTime: 2015-05-07T06:50:22.000000000Z
447	c8c.ec4: LastWriteTime: 2015-05-07T06:50:22.000000000Z
448	c8c.ec4: ChangeTime: 2015-08-19T04:34:46.033632900Z
449	c8c.ec4: FileAttributes: 0x20
450	c8c.ec4: Size: 0x5c5e0
451	c8c.ec4: NT Headers: 0xf0
452	c8c.ec4: Timestamp: 0x554b5179
453	c8c.ec4: Machine: 0x8664 - amd64
454	c8c.ec4: Timestamp: 0x554b5179
455	c8c.ec4: Image Version: 6.2
456	c8c.ec4: SizeOfImage: 0x5b000 (372736)
457	c8c.ec4: Resource Dir: 0x59000 LB 0x4ec
458	c8c.ec4: ProductName: AVG Internet Security
459	c8c.ec4: ProductVersion: 15.0.0.5957
460	c8c.ec4: FileVersion: 15.0.0.5957
461	c8c.ec4: SpecialBuild: AvCompile_2015_0507_134328(5957), SVNRev bcddc515e1405c8e35481b16de334020e451ec3e (release/HotFix2015-05), av
462	c8c.ec4: PrivateBuild: x64 Release_Unicode_DRIVER
463	c8c.ec4: FileDescription: AVG Logging Driver
464	c8c.ec4: \SystemRoot\System32\drivers\avgldx64.sys:
465	c8c.ec4: CreationTime: 2015-06-16T08:55:04.000000000Z
466	c8c.ec4: LastWriteTime: 2015-06-16T08:55:04.000000000Z
467	c8c.ec4: ChangeTime: 2015-08-19T04:34:54.973401800Z
468	c8c.ec4: FileAttributes: 0x20
469	c8c.ec4: Size: 0x3f3e0
470	c8c.ec4: NT Headers: 0xe0
471	c8c.ec4: Timestamp: 0x55802aaf
472	c8c.ec4: Machine: 0x8664 - amd64
473	c8c.ec4: Timestamp: 0x55802aaf
474	c8c.ec4: Image Version: 6.2
475	c8c.ec4: SizeOfImage: 0x42000 (270336)
476	c8c.ec4: Resource Dir: 0x40000 LB 0x50c
477	c8c.ec4: ProductName: AVG Internet Security
478	c8c.ec4: ProductVersion: 15.0.0.6055
479	c8c.ec4: FileVersion: 15.0.0.6055
480	c8c.ec4: SpecialBuild: AvCompile_2015_0616_154836(6055), SVNRev 309d50c06d2885375935ac1c0a79cdb255cb7045 (release/SmallUpdate2015-06_beta), av
481	c8c.ec4: PrivateBuild: x64 Release_Unicode_DRIVER
482	c8c.ec4: FileDescription: AVG AVI Loader Driver
483	c8c.ec4: \SystemRoot\System32\drivers\avgdiska.sys:
484	c8c.ec4: CreationTime: 2015-03-11T05:16:06.000000000Z
485	c8c.ec4: LastWriteTime: 2015-03-11T05:16:06.000000000Z
486	c8c.ec4: ChangeTime: 2015-08-19T04:34:57.366208700Z
487	c8c.ec4: FileAttributes: 0x20
488	c8c.ec4: Size: 0x27be0
489	c8c.ec4: NT Headers: 0xe0
490	c8c.ec4: Timestamp: 0x550015e3
491	c8c.ec4: Machine: 0x8664 - amd64
492	c8c.ec4: Timestamp: 0x550015e3
493	c8c.ec4: Image Version: 6.2
494	c8c.ec4: SizeOfImage: 0x29000 (167936)
495	c8c.ec4: Resource Dir: 0x27000 LB 0x4e0
496	c8c.ec4: ProductName: AVG Internet Security
497	c8c.ec4: ProductVersion: 15.0.0.5902
498	c8c.ec4: FileVersion: 15.0.0.5902
499	c8c.ec4: SpecialBuild: AvCompile_2015_0311_110513(5902), SVNRev d57888a6d0541615b2b2c643813a0b67abc3acba (av/devel), av
500	c8c.ec4: PrivateBuild: x64 Release_Unicode_DRIVER
501	c8c.ec4: FileDescription: AVG File Vault Driver
502	c8c.ec4: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
503	c8c.ec4: Calling main()
504	c8c.ec4: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
505	c8c.ec4: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
506	c8c.ec4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
507	c8c.ec4: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
508	c8c.ec4: SUPR3HardenedMain: Respawn #2
509	c8c.ec4: supR3HardNtEnableThreadCreation:
510	c8c.ec4: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fffe9de6a4c pvNtTerminateThread=00007fffe9e2b0b0
511	c8c.ec4: supR3HardenedWinDoReSpawn(2): New child 10a4.2c8 [kernel32].
512	c8c.ec4: supR3HardenedWinReSpawn: NtSetInformationThread/ThreadHideFromDebugger failed: 0xc0000022 (harmless)
513	c8c.ec4: supR3HardNtChildGatherData: PebBaseAddress=00007ff7cf0e4000 cbPeb=0x388
514	c8c.ec4: supR3HardNtPuChFindNtdll: uNtDllParentAddr=00007fffe9d90000 uNtDllChildAddr=00007fffe9d90000
515	c8c.ec4: supR3HardenedWinSetupChildInit: uLdrInitThunk=00007fffe9de6a4c
516	c8c.ec4: supR3HardenedWinSetupChildInit: Start child.
517	c8c.ec4: supR3HardNtChildWaitFor: Found expected request 0 (PurifyChildAndCloseHandles) after 0 ms.
518	c8c.ec4: supR3HardNtChildPurify: Startup delay kludge #1/0: 518 ms, 57 sleeps
519	c8c.ec4: supHardNtVpScanVirtualMemory: enmKind=CHILD_PURIFICATION
520	c8c.ec4: *0000000000000000-ffffffffff8dffff 0x0001/0x0000 0x0000000
521	c8c.ec4: *0000000000720000-00000000006fffff 0x0004/0x0004 0x0020000
522	c8c.ec4: *0000000000740000-0000000000730fff 0x0002/0x0002 0x0040000
523	c8c.ec4: 000000000074f000-000000000074dfff 0x0001/0x0000 0x0000000
524	c8c.ec4: *0000000000750000-0000000000653fff 0x0000/0x0004 0x0020000
525	c8c.ec4: 000000000084c000-0000000000848fff 0x0104/0x0004 0x0020000
526	c8c.ec4: 000000000084f000-000000000084dfff 0x0004/0x0004 0x0020000
527	c8c.ec4: *0000000000850000-000000000084bfff 0x0002/0x0002 0x0040000
528	c8c.ec4: 0000000000854000-0000000000847fff 0x0001/0x0000 0x0000000
529	c8c.ec4: *0000000000860000-000000000085dfff 0x0004/0x0004 0x0020000
530	c8c.ec4: 0000000000862000-ffffffff810e3fff 0x0001/0x0000 0x0000000
531	c8c.ec4: *000000007ffe0000-000000007ffdefff 0x0002/0x0002 0x0020000
532	c8c.ec4: 000000007ffe1000-000000007ffd1fff 0x0000/0x0002 0x0020000
533	c8c.ec4: 000000007fff0000-ffff800930f1ffff 0x0001/0x0000 0x0000000
534	c8c.ec4: *00007ff7cf0c0000-00007ff7cf09cfff 0x0002/0x0002 0x0040000
535	c8c.ec4: 00007ff7cf0e3000-00007ff7cf0e1fff 0x0001/0x0000 0x0000000
536	c8c.ec4: *00007ff7cf0e4000-00007ff7cf0e2fff 0x0004/0x0004 0x0020000
537	c8c.ec4: 00007ff7cf0e5000-00007ff7cf0dbfff 0x0001/0x0000 0x0000000
538	c8c.ec4: *00007ff7cf0ee000-00007ff7cf0ebfff 0x0004/0x0004 0x0020000
539	c8c.ec4: 00007ff7cf0f0000-00007ff7ce97ffff 0x0001/0x0000 0x0000000
540	c8c.ec4: *00007ff7cf860000-00007ff7cf860fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
541	c8c.ec4: 00007ff7cf861000-00007ff7cf8e6fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
542	c8c.ec4: 00007ff7cf8e7000-00007ff7cf8e7fff 0x0080/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
543	c8c.ec4: 00007ff7cf8e8000-00007ff7cf931fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
544	c8c.ec4: 00007ff7cf932000-00007ff7cf932fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
545	c8c.ec4: 00007ff7cf933000-00007ff7cf933fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
546	c8c.ec4: 00007ff7cf934000-00007ff7cf935fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
547	c8c.ec4: 00007ff7cf936000-00007ff7cf936fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
548	c8c.ec4: 00007ff7cf937000-00007ff7cf937fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
549	c8c.ec4: 00007ff7cf938000-00007ff7cf93bfff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
550	c8c.ec4: 00007ff7cf93c000-00007ff7cf985fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
551	c8c.ec4: 00007ff7cf986000-00007fefb557bfff 0x0001/0x0000 0x0000000
552	c8c.ec4: *00007fffe9d90000-00007fffe9d90fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
553	c8c.ec4: 00007fffe9d91000-00007fffe9eb9fff 0x0020/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
554	c8c.ec4: 00007fffe9eba000-00007fffe9ec2fff 0x0008/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
555	c8c.ec4: 00007fffe9ec3000-00007fffe9ecffff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
556	c8c.ec4: 00007fffe9ed0000-00007fffe9ed0fff 0x0004/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
557	c8c.ec4: 00007fffe9ed1000-00007fffe9ed1fff 0x0010/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
558	c8c.ec4: 00007fffe9ed2000-00007fffe9f39fff 0x0002/0x0080 0x1000000 \Device\HarddiskVolume4\Windows\System32\ntdll.dll
559	c8c.ec4: 00007fffe9f3a000-00007fffd3e93fff 0x0001/0x0000 0x0000000
560	c8c.ec4: *00007ffffffe0000-00007ffffffcffff 0x0001/0x0002 0x0020000
561	c8c.ec4: VirtualBox.exe: timestamp 0x55ccc4d5 (rc=VINF_SUCCESS)
562	c8c.ec4: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
563	c8c.ec4: '\Device\HarddiskVolume4\Windows\System32\ntdll.dll' has no imports
564	c8c.ec4: supR3HardNtChildPurify: Done after 576 ms and 0 fixes (loop #0).
565	10a4.2c8: Log file opened: 5.0.2r102096 g_hStartupLog=0000000000000004 g_uNtVerCombined=0x63258000
566	10a4.2c8: supR3HardenedVmProcessInit: uNtDllAddr=00007fffe9d90000
567	10a4.2c8: ntdll.dll: timestamp 0x530895af (rc=VINF_SUCCESS)
568	10a4.2c8: New simple heap: #1 0000000000970000 LB 0x400000 (for 1744896 allocation)
569	c8c.ec4: supR3HardenedEarlyCompact: Removed heap 1 (0x000000005b0000 LB 0x400000)
570	c8c.ec4: supR3HardNtEnableThreadCreation:
571	10a4.2c8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
572	10a4.2c8: System32: \Device\HarddiskVolume4\Windows\System32
573	10a4.2c8: WinSxS: \Device\HarddiskVolume4\Windows\WinSxS
574	10a4.2c8: KnownDllPath: C:\Windows\system32
575	10a4.2c8: supR3HardenedVmProcessInit: Opening vboxdrv...
576	10a4.2c8: supR3HardenedVmProcessInit: Restoring LdrInitializeThunk...
577	10a4.2c8: supR3HardenedVmProcessInit: Returning to LdrInitializeThunk...
578	10a4.2c8: Registered Dll notification callback with NTDLL.
579	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel32.dll)
580	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel32.dll
581	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\KERNEL32.DLL (Input=KERNEL32.DLL, rcNtResolve=0xc0150008) *pfFlags=0xffffffff pwszSearchPath=0000000000000801:<flags> [calling]
582	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
583	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5ec0000 LB 0x0010f000 C:\Windows\system32\KERNELBASE.dll [fFlags=0x0]
584	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\KernelBase.dll)
585	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\KernelBase.dll
586	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6f30000 LB 0x0013a000 C:\Windows\system32\KERNEL32.DLL [fFlags=0x0]
587	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
588	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6f30000 'C:\Windows\system32\KERNEL32.DLL'
589	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007ff7cf860000 LB 0x00126000 C:\Program Files\Oracle\VirtualBox\VirtualBox.exe [fFlags=0x0]
590	10a4.2c8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
591	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
592	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe
593	10a4.2c8: supR3HardNtDisableThreadCreation: pvLdrInitThunk=00007fffe9de6a4c pvNtTerminateThread=00007fffe9e2b0b0
594	c8c.ec4: supR3HardNtChildWaitFor: Found expected request 1 (CloseEvents) after 129 ms.
595	10a4.2c8: \SystemRoot\System32\ntdll.dll:
596	10a4.2c8: CreationTime: 2014-03-18T10:14:36.739928900Z
597	10a4.2c8: LastWriteTime: 2014-03-18T10:14:36.943083200Z
598	10a4.2c8: ChangeTime: 2015-08-19T07:06:29.144737500Z
599	10a4.2c8: FileAttributes: 0x20
600	10a4.2c8: Size: 0x1a5d10
601	10a4.2c8: NT Headers: 0xe8
602	10a4.2c8: Timestamp: 0x530895af
603	10a4.2c8: Machine: 0x8664 - amd64
604	10a4.2c8: Timestamp: 0x530895af
605	10a4.2c8: Image Version: 6.3
606	10a4.2c8: SizeOfImage: 0x1aa000 (1744896)
607	10a4.2c8: Resource Dir: 0x145000 LB 0x62450
608	10a4.2c8: ProductName: Microsoft® Windows® Operating System
609	10a4.2c8: ProductVersion: 6.3.9600.17031
610	10a4.2c8: FileVersion: 6.3.9600.17031 (winblue_gdr.140221-1952)
611	10a4.2c8: FileDescription: NT Layer DLL
612	10a4.2c8: \SystemRoot\System32\kernel32.dll:
613	10a4.2c8: CreationTime: 2014-05-15T02:05:12.262422000Z
614	10a4.2c8: LastWriteTime: 2014-05-15T02:05:12.264422100Z
615	10a4.2c8: ChangeTime: 2015-08-27T15:32:12.520359400Z
616	10a4.2c8: FileAttributes: 0x20
617	10a4.2c8: Size: 0x13b3c0
618	10a4.2c8: NT Headers: 0xe8
619	10a4.2c8: Timestamp: 0x532a419c
620	10a4.2c8: Machine: 0x8664 - amd64
621	10a4.2c8: Timestamp: 0x532a419c
622	10a4.2c8: Image Version: 6.3
623	10a4.2c8: SizeOfImage: 0x13a000 (1286144)
624	10a4.2c8: Resource Dir: 0x12a000 LB 0x520
625	10a4.2c8: ProductName: Microsoft® Windows® Operating System
626	10a4.2c8: ProductVersion: 6.3.9600.17056
627	10a4.2c8: FileVersion: 6.3.9600.17056 (winblue_gdr.140319-1520)
628	10a4.2c8: FileDescription: Windows NT BASE API Client DLL
629	10a4.2c8: \SystemRoot\System32\KernelBase.dll:
630	10a4.2c8: CreationTime: 2014-05-15T02:05:12.106301200Z
631	10a4.2c8: LastWriteTime: 2014-05-15T02:05:12.107301500Z
632	10a4.2c8: ChangeTime: 2015-08-27T15:33:18.448366100Z
633	10a4.2c8: FileAttributes: 0x20
634	10a4.2c8: Size: 0x10f9d8
635	10a4.2c8: NT Headers: 0xf0
636	10a4.2c8: Timestamp: 0x532954fb
637	10a4.2c8: Machine: 0x8664 - amd64
638	10a4.2c8: Timestamp: 0x532954fb
639	10a4.2c8: Image Version: 6.3
640	10a4.2c8: SizeOfImage: 0x10f000 (1110016)
641	10a4.2c8: Resource Dir: 0x10a000 LB 0x3530
642	10a4.2c8: ProductName: Microsoft® Windows® Operating System
643	10a4.2c8: ProductVersion: 6.3.9600.17055
644	10a4.2c8: FileVersion: 6.3.9600.17055 (winblue_gdr.140318-1651)
645	10a4.2c8: FileDescription: Windows NT BASE API Client DLL
646	10a4.2c8: \SystemRoot\System32\apisetschema.dll:
647	10a4.2c8: CreationTime: 2013-08-22T12:13:09.745625900Z
648	10a4.2c8: LastWriteTime: 2013-08-22T12:35:12.091034400Z
649	10a4.2c8: ChangeTime: 2015-08-19T18:20:31.227258500Z
650	10a4.2c8: FileAttributes: 0x20
651	10a4.2c8: Size: 0x11360
652	10a4.2c8: NT Headers: 0xd0
653	10a4.2c8: Timestamp: 0x52160049
654	10a4.2c8: Machine: 0x8664 - amd64
655	10a4.2c8: Timestamp: 0x52160049
656	10a4.2c8: Image Version: 6.3
657	10a4.2c8: SizeOfImage: 0x13000 (77824)
658	10a4.2c8: Resource Dir: 0x11000 LB 0x3f8
659	10a4.2c8: ProductName: Microsoft® Windows® Operating System
660	10a4.2c8: ProductVersion: 6.3.9600.16384
661	10a4.2c8: FileVersion: 6.3.9600.16384 (winblue_rtm.130821-1623)
662	10a4.2c8: FileDescription: ApiSet Schema DLL
663	10a4.2c8: NtOpenDirectoryObject failed on \Driver: 0xc0000022
664	10a4.2c8: supR3HardenedWinFindAdversaries: 0x100
665	10a4.2c8: \SystemRoot\System32\drivers\avgrkx64.sys:
666	10a4.2c8: CreationTime: 2015-03-20T05:18:18.000000000Z
667	10a4.2c8: LastWriteTime: 2015-03-20T05:18:18.000000000Z
668	10a4.2c8: ChangeTime: 2015-08-19T04:34:54.848403100Z
669	10a4.2c8: FileAttributes: 0x20
670	10a4.2c8: Size: 0x9fe0
671	10a4.2c8: NT Headers: 0xe8
672	10a4.2c8: Timestamp: 0x550bf3e7
673	10a4.2c8: Machine: 0x8664 - amd64
674	10a4.2c8: Timestamp: 0x550bf3e7
675	10a4.2c8: Image Version: 6.2
676	10a4.2c8: SizeOfImage: 0xa000 (40960)
677	10a4.2c8: Resource Dir: 0x9000 LB 0x510
678	10a4.2c8: ProductName: AVG Internet Security
679	10a4.2c8: ProductVersion: 15.0.0.5908
680	10a4.2c8: FileVersion: 15.0.0.5908
681	10a4.2c8: SpecialBuild: AvCompile_2015_0320_111532(5908), SVNRev 18c4578e1c294cb8006a179b834157155925d4af (release/SmallUpdate2015-04_beta), av
682	10a4.2c8: PrivateBuild: x64 Release_Unicode_DRIVER
683	10a4.2c8: FileDescription: AVG Anti-Rootkit Driver
684	10a4.2c8: \SystemRoot\System32\drivers\avgmfx64.sys:
685	10a4.2c8: CreationTime: 2015-08-04T04:32:32.000000000Z
686	10a4.2c8: LastWriteTime: 2015-08-04T04:32:32.000000000Z
687	10a4.2c8: ChangeTime: 2015-08-27T14:54:10.509488100Z
688	10a4.2c8: FileAttributes: 0x20
689	10a4.2c8: Size: 0x3d3b0
690	10a4.2c8: NT Headers: 0xe0
691	10a4.2c8: Timestamp: 0x55c086ac
692	10a4.2c8: Machine: 0x8664 - amd64
693	10a4.2c8: Timestamp: 0x55c086ac
694	10a4.2c8: Image Version: 6.2
695	10a4.2c8: SizeOfImage: 0x3e000 (253952)
696	10a4.2c8: Resource Dir: 0x3c000 LB 0x52c
697	10a4.2c8: ProductName: AVG Internet Security
698	10a4.2c8: ProductVersion: 15.0.0.6132
699	10a4.2c8: FileVersion: 15.0.0.6132
700	10a4.2c8: SpecialBuild: AvCompile_2015_0804_112815(6132), SVNRev cbac1c769cb9b6888db1f1065b4133bf3c9ce40f (release/SmallUpdate2015-08_beta), av
701	10a4.2c8: PrivateBuild: x64 Release_Unicode_DRIVER
702	10a4.2c8: FileDescription: AVG Resident Shield Minifilter Driver
703	10a4.2c8: \SystemRoot\System32\drivers\avgidsdrivera.sys:
704	10a4.2c8: CreationTime: 2015-08-19T04:52:30.000000000Z
705	10a4.2c8: LastWriteTime: 2015-08-19T04:52:30.000000000Z
706	10a4.2c8: ChangeTime: 2015-08-27T14:54:13.654218400Z
707	10a4.2c8: FileAttributes: 0x20
708	10a4.2c8: Size: 0x4c7b0
709	10a4.2c8: NT Headers: 0xe8
710	10a4.2c8: Timestamp: 0x55d451da
711	10a4.2c8: Machine: 0x8664 - amd64
712	10a4.2c8: Timestamp: 0x55d451da
713	10a4.2c8: Image Version: 6.2
714	10a4.2c8: SizeOfImage: 0x53000 (339968)
715	10a4.2c8: Resource Dir: 0x51000 LB 0x554
716	10a4.2c8: ProductName: AVG Internet Security
717	10a4.2c8: ProductVersion: 15.0.0.6137
718	10a4.2c8: FileVersion: 15.0.0.6137
719	10a4.2c8: SpecialBuild: AvCompile_2015_0819_113418(6137), SVNRev 7ade868631072664eb184732ae422a4307e58f68 (release/SmallUpdate2015-08_release), av
720	10a4.2c8: PrivateBuild: x64 Release_Unicode_DRIVER
721	10a4.2c8: FileDescription: AVG IDS Application Activity Monitor Driver.
722	10a4.2c8: \SystemRoot\System32\drivers\avgidsha.sys:
723	10a4.2c8: CreationTime: 2015-08-19T04:53:56.000000000Z
724	10a4.2c8: LastWriteTime: 2015-08-19T04:53:56.000000000Z
725	10a4.2c8: ChangeTime: 2015-08-27T14:54:13.507210600Z
726	10a4.2c8: FileAttributes: 0x20
727	10a4.2c8: Size: 0x48bb0
728	10a4.2c8: NT Headers: 0xd8
729	10a4.2c8: Timestamp: 0x55d45230
730	10a4.2c8: Machine: 0x8664 - amd64
731	10a4.2c8: Timestamp: 0x55d45230
732	10a4.2c8: Image Version: 6.2
733	10a4.2c8: SizeOfImage: 0x49000 (299008)
734	10a4.2c8: Resource Dir: 0x47000 LB 0x548
735	10a4.2c8: ProductName: AVG Internet Security
736	10a4.2c8: ProductVersion: 15.0.0.6137
737	10a4.2c8: FileVersion: 15.0.0.6137
738	10a4.2c8: SpecialBuild: AvCompile_2015_0819_113418(6137), SVNRev 7ade868631072664eb184732ae422a4307e58f68 (release/SmallUpdate2015-08_release), av
739	10a4.2c8: PrivateBuild: x64 Release_Unicode_DRIVER
740	10a4.2c8: FileDescription: AVG Application Activity Monitor Helper Driver
741	10a4.2c8: \SystemRoot\System32\drivers\avgloga.sys:
742	10a4.2c8: CreationTime: 2015-05-07T06:50:22.000000000Z
743	10a4.2c8: LastWriteTime: 2015-05-07T06:50:22.000000000Z
744	10a4.2c8: ChangeTime: 2015-08-19T04:34:46.033632900Z
745	10a4.2c8: FileAttributes: 0x20
746	10a4.2c8: Size: 0x5c5e0
747	10a4.2c8: NT Headers: 0xf0
748	10a4.2c8: Timestamp: 0x554b5179
749	10a4.2c8: Machine: 0x8664 - amd64
750	10a4.2c8: Timestamp: 0x554b5179
751	10a4.2c8: Image Version: 6.2
752	10a4.2c8: SizeOfImage: 0x5b000 (372736)
753	10a4.2c8: Resource Dir: 0x59000 LB 0x4ec
754	10a4.2c8: ProductName: AVG Internet Security
755	10a4.2c8: ProductVersion: 15.0.0.5957
756	10a4.2c8: FileVersion: 15.0.0.5957
757	10a4.2c8: SpecialBuild: AvCompile_2015_0507_134328(5957), SVNRev bcddc515e1405c8e35481b16de334020e451ec3e (release/HotFix2015-05), av
758	10a4.2c8: PrivateBuild: x64 Release_Unicode_DRIVER
759	10a4.2c8: FileDescription: AVG Logging Driver
760	10a4.2c8: \SystemRoot\System32\drivers\avgldx64.sys:
761	10a4.2c8: CreationTime: 2015-06-16T08:55:04.000000000Z
762	10a4.2c8: LastWriteTime: 2015-06-16T08:55:04.000000000Z
763	10a4.2c8: ChangeTime: 2015-08-19T04:34:54.973401800Z
764	10a4.2c8: FileAttributes: 0x20
765	10a4.2c8: Size: 0x3f3e0
766	10a4.2c8: NT Headers: 0xe0
767	10a4.2c8: Timestamp: 0x55802aaf
768	10a4.2c8: Machine: 0x8664 - amd64
769	10a4.2c8: Timestamp: 0x55802aaf
770	10a4.2c8: Image Version: 6.2
771	10a4.2c8: SizeOfImage: 0x42000 (270336)
772	10a4.2c8: Resource Dir: 0x40000 LB 0x50c
773	10a4.2c8: ProductName: AVG Internet Security
774	10a4.2c8: ProductVersion: 15.0.0.6055
775	10a4.2c8: FileVersion: 15.0.0.6055
776	10a4.2c8: SpecialBuild: AvCompile_2015_0616_154836(6055), SVNRev 309d50c06d2885375935ac1c0a79cdb255cb7045 (release/SmallUpdate2015-06_beta), av
777	10a4.2c8: PrivateBuild: x64 Release_Unicode_DRIVER
778	10a4.2c8: FileDescription: AVG AVI Loader Driver
779	10a4.2c8: \SystemRoot\System32\drivers\avgdiska.sys:
780	10a4.2c8: CreationTime: 2015-03-11T05:16:06.000000000Z
781	10a4.2c8: LastWriteTime: 2015-03-11T05:16:06.000000000Z
782	10a4.2c8: ChangeTime: 2015-08-19T04:34:57.366208700Z
783	10a4.2c8: FileAttributes: 0x20
784	10a4.2c8: Size: 0x27be0
785	10a4.2c8: NT Headers: 0xe0
786	10a4.2c8: Timestamp: 0x550015e3
787	10a4.2c8: Machine: 0x8664 - amd64
788	10a4.2c8: Timestamp: 0x550015e3
789	10a4.2c8: Image Version: 6.2
790	10a4.2c8: SizeOfImage: 0x29000 (167936)
791	10a4.2c8: Resource Dir: 0x27000 LB 0x4e0
792	10a4.2c8: ProductName: AVG Internet Security
793	10a4.2c8: ProductVersion: 15.0.0.5902
794	10a4.2c8: FileVersion: 15.0.0.5902
795	10a4.2c8: SpecialBuild: AvCompile_2015_0311_110513(5902), SVNRev d57888a6d0541615b2b2c643813a0b67abc3acba (av/devel), av
796	10a4.2c8: PrivateBuild: x64 Release_Unicode_DRIVER
797	10a4.2c8: FileDescription: AVG File Vault Driver
798	10a4.2c8: supR3HardenedWinInitAppBin(0x0): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
799	10a4.2c8: Calling main()
800	10a4.2c8: SUPR3HardenedMain: pszProgName=VirtualBox fFlags=0x2
801	10a4.2c8: supR3HardenedWinInitAppBin(0x2): '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox'
802	10a4.2c8: '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe' has no imports
803	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe)
804	10a4.2c8: SUPR3HardenedMain: Final process, opening VBoxDrv...
805	10a4.2c8: supR3HardenedEarlyCompact: Removed heap 1 (0x00000000970000 LB 0x400000)
806	10a4.2c8: supR3HardNtEnableThreadCreation:
807	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll)
808	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll
809	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
810	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
811	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe9780000 LB 0x00005000 C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL [fFlags=0x0]
812	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
813	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
814	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
815	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9780000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
816	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll [lacks WinVerifyTrust]
817	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
818	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9780000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
819	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9780000 'C:\Program Files\Oracle\VirtualBox\VBoxSupLib.DLL'
820	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
821	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'crypt32.dll'.
822	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #19 'msasn1.dll'.
823	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
824	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wintrust.dll)
825	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wintrust.dll
826	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
827	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
828	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll)
829	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
830	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
831	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
832	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msasn1.dll)
833	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msasn1.dll
834	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
835	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
836	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
837	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #28 'msasn1.dll'.
838	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\crypt32.dll)
839	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\crypt32.dll
840	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
841	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
842	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msvcrt.dll)
843	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
844	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msasn1.dll'...
845	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\msasn1.dll' [rcNtRedir=0xc0150008]
846	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
847	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
848	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
849	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
850	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\Wintrust.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
851	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
852	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6c80000 LB 0x000a7000 C:\Windows\system32\msvcrt.dll [fFlags=0x0]
853	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
854	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5ea0000 LB 0x00012000 C:\Windows\system32\MSASN1.dll [fFlags=0x0]
855	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msasn1.dll [lacks WinVerifyTrust]
856	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6020000 LB 0x001d7000 C:\Windows\system32\CRYPT32.dll [fFlags=0x0]
857	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
858	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6300000 LB 0x00136000 C:\Windows\system32\RPCRT4.dll [fFlags=0x0]
859	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
860	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6200000 LB 0x0004c000 C:\Windows\system32\Wintrust.dll [fFlags=0x0]
861	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
862	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\system32\Wintrust.dll'
863	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcrypt.dll)
864	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcrypt.dll
865	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcrypt.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
866	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
867	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe58e0000 LB 0x00026000 C:\Windows\system32\bcrypt.dll [fFlags=0x0]
868	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
869	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe58e0000 'C:\Windows\system32\bcrypt.dll'
870	10a4.2c8: bcrypt.dll loaded at 00007fffe58e0000, BCryptOpenAlgorithmProvider at 00007fffe58e2ce0, preloading providers:
871	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll)
872	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll
873	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\bcryptprimitives.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
874	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
875	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5c00000 LB 0x00060000 C:\Windows\system32\bcryptprimitives.dll [fFlags=0x0]
876	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
877	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe5c00000 'C:\Windows\system32\bcryptprimitives.dll'
878	10a4.2c8: BCryptOpenAlgorithmProvider(,'MD2',0,0) -> 0x0 (hAlgo=0000000000db87d0)
879	10a4.2c8: BCryptOpenAlgorithmProvider(,'MD4',0,0) -> 0x0 (hAlgo=0000000000db8bc0)
880	10a4.2c8: BCryptOpenAlgorithmProvider(,'MD5',0,0) -> 0x0 (hAlgo=0000000000db8ce0)
881	10a4.2c8: BCryptOpenAlgorithmProvider(,'SHA1',0,0) -> 0x0 (hAlgo=0000000000db8f30)
882	10a4.2c8: BCryptOpenAlgorithmProvider(,'SHA256',0,0) -> 0x0 (hAlgo=0000000000db9050)
883	10a4.2c8: BCryptOpenAlgorithmProvider(,'SHA512',0,0) -> 0x0 (hAlgo=0000000000db91c0)
884	10a4.2c8: BCryptOpenAlgorithmProvider(,'RSA',0,0) -> 0x0 (hAlgo=0000000000db9760)
885	10a4.2c8: BCryptOpenAlgorithmProvider(,'DSA',0,0) -> 0x0 (hAlgo=0000000000db9880)
886	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
887	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
888	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
889	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
890	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
891	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
892	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
893	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
894	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
895	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
896	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
897	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
898	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
899	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
900	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
901	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
902	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
903	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
904	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
905	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
906	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptsp.dll)
907	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptsp.dll
908	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5670000 LB 0x0001e000 C:\Windows\SYSTEM32\CRYPTSP.dll [fFlags=0x0]
909	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptsp.dll [lacks WinVerifyTrust]
910	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcrypt.dll'.
911	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\rsaenh.dll)
912	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
913	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
914	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
915	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
916	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
917	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
918	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe52f0000 LB 0x00035000 C:\Windows\system32\rsaenh.dll [fFlags=0x0]
919	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
920	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
921	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'bcryptprimitives.dll'.
922	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cryptbase.dll)
923	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptbase.dll
924	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5c60000 LB 0x0000a000 C:\Windows\SYSTEM32\CRYPTBASE.dll [fFlags=0x0]
925	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cryptbase.dll [lacks WinVerifyTrust]
926	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll [lacks WinVerifyTrust]
927	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcryptprimitives.dll'...
928	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcryptprimitives.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll' [rcNtRedir=0xc0150008]
929	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll [lacks WinVerifyTrust]
930	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (Input=kernel32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
931	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6f30000 'C:\Windows\system32\kernel32.dll'
932	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
933	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
934	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
935	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\CRYPT32.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
936	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\CRYPT32.dll'
937	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6d30000 LB 0x00015000 C:\Windows\system32\imagehlp.dll [fFlags=0x0]
938	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
939	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imagehlp.dll)
940	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imagehlp.dll
941	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
942	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
943	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
944	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
945	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
946	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
947	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'bcrypt.dll'.
948	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ntasn1.dll'.
949	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ncrypt.dll)
950	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ncrypt.dll
951	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntasn1.dll)
952	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntasn1.dll
953	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5870000 LB 0x0003a000 C:\Windows\SYSTEM32\NTASN1.dll [fFlags=0x0]
954	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntasn1.dll [lacks WinVerifyTrust]
955	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe58b0000 LB 0x00024000 C:\Windows\SYSTEM32\ncrypt.dll [fFlags=0x0]
956	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ncrypt.dll [lacks WinVerifyTrust]
957	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
958	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\sechost.dll)
959	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sechost.dll
960	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6a10000 LB 0x00057000 C:\Windows\SYSTEM32\sechost.dll [fFlags=0x0]
961	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
962	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
963	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'rpcrt4.dll'.
964	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gpapi.dll)
965	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gpapi.dll
966	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe4ff0000 LB 0x00022000 C:\Windows\SYSTEM32\gpapi.dll [fFlags=0x0]
967	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gpapi.dll [lacks WinVerifyTrust]
968	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\profapi.dll)
969	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\profapi.dll
970	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5df0000 LB 0x00014000 C:\Windows\SYSTEM32\profapi.dll [fFlags=0x0]
971	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll [lacks WinVerifyTrust]
972	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
973	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'crypt32.dll'.
974	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'wldap32.dll'.
975	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\cryptnet.dll)
976	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cryptnet.dll
977	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wldap32.dll'...
978	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wldap32.dll' -> '\Device\HarddiskVolume4\Windows\System32\wldap32.dll' [rcNtRedir=0xc0150008]
979	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
980	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\Wldap32.dll)
981	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\Wldap32.dll
982	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'crypt32.dll'...
983	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'crypt32.dll' -> '\Device\HarddiskVolume4\Windows\System32\crypt32.dll' [rcNtRedir=0xc0150008]
984	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
985	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
986	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
987	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
988	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
989	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
990	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
991	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
992	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
993	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
994	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
995	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
996	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
997	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntasn1.dll'...
998	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntasn1.dll' -> '\Device\HarddiskVolume4\Windows\System32\ntasn1.dll' [rcNtRedir=0xc0150008]
999	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntasn1.dll [lacks WinVerifyTrust]
1000	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bcrypt.dll'...
1001	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'bcrypt.dll' -> '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll' [rcNtRedir=0xc0150008]
1002	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\bcrypt.dll [lacks WinVerifyTrust]
1003	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1004	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1005	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1006	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (Input=cryptnet.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1007	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1008	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe7360000 LB 0x0005a000 C:\Windows\system32\WLDAP32.dll [fFlags=0x0]
1009	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\Wldap32.dll [lacks WinVerifyTrust]
1010	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe3f80000 LB 0x00034000 C:\Windows\system32\cryptnet.dll [fFlags=0x0]
1011	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1012	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1013	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1014	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1015	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1016	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1017	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1018	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1019	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1020	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1021	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1022	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1023	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1024	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1025	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1026	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1027	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1028	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\cryptnet.dll (rcNtResolve=0xc0150008) *pfFlags=0x2 pwszSearchPath=0000000000000001:<flags> [calling]
1029	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1030	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1031	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1032	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1033	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1034	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1035	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1036	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1037	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1038	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1039	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1040	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\system32\cryptnet.dll'
1041	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\cryptnet.dll [lacks WinVerifyTrust]
1042	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3f80000 'C:\Windows\System32\cryptnet.dll'
1043	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1044	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'sechost.dll'.
1045	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'rpcrt4.dll'.
1046	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\advapi32.dll)
1047	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1048	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6bc0000 LB 0x000a5000 C:\Windows\SYSTEM32\advapi32.dll [fFlags=0x0]
1049	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll [lacks WinVerifyTrust]
1050	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1051	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1052	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1053	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1054	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'sechost.dll'...
1055	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'sechost.dll' -> '\Device\HarddiskVolume4\Windows\System32\sechost.dll' [rcNtRedir=0xc0150008]
1056	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\sechost.dll [lacks WinVerifyTrust]
1057	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1058	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1059	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll [lacks WinVerifyTrust]
1060	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1061	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1062	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1063	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1064	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1065	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000000 pwszName=\SystemRoot\System32\ntdll.dll
1066	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: New context 0000000000dbf310
1067	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
1068	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=F325E8C3600C621144505768DFED418BF47A6F51
1069	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll [lacks WinVerifyTrust]
1070	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rpcrt4.dll (Input=rpcrt4.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1071	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6300000 'C:\Windows\system32\rpcrt4.dll'
1072	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1073	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
1074	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1075	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
1076	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1077	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
1078	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1079	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
1080	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1081	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
1082	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1083	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\WINTRUST.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1084	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
1085	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [lacks WinVerifyTrust]
1086	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
1087	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1088	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1089	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1090	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1091	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1092	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1093	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2215_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\SystemRoot\System32\ntdll.dll'
1094	10a4.2c8: g_pfnWinVerifyTrust=00007fffe6201040
1095	10a4.2c8: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [redoing WinVerifyTrust]
1096	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1097	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1098	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1099	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll [lacks WinVerifyTrust]
1100	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1101	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1102	10a4.2c8: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\crypt32.dll'
1103	10a4.2c8: supR3HardenedScreenImage/preload: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wintrust.dll [redoing WinVerifyTrust]
1104	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1105	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1106	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1107	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
1108	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1109	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1110	10a4.2c8: supR3HardenedScreenImage/preload: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\wintrust.dll'
1111	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1112	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1113	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1114	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1115	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\advapi32.dll'
1116	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000384 pwszName=\Device\HarddiskVolume4\Windows\System32\Wldap32.dll
1117	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
1118	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
1119	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=69524339B1646CCE03C83E941C787D6C1E6B6703
1120	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1121	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1122	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1123	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-DS-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\Wldap32.dll'
1124	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1125	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\Wldap32.dll'
1126	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000380 pwszName=\Device\HarddiskVolume4\Windows\System32\cryptnet.dll
1127	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
1128	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
1129	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0315578F0B76A9760FEA2715053C51E46A277B04
1130	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1131	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1132	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1133	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-DS-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
1134	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1135	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptnet.dll'
1136	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1137	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1138	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1139	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\profapi.dll'
1140	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1141	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1142	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1143	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gpapi.dll'
1144	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1145	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1146	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1147	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sechost.dll'
1148	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1149	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1150	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1151	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ntasn1.dll'
1152	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1153	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1154	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
1155	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1156	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1157	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ncrypt.dll'
1158	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1159	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1160	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1161	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1162	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\imagehlp.dll'
1163	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1164	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1165	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1166	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptbase.dll'
1167	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll [lacks WinVerifyTrust]
1168	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1169	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1170	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rsaenh.dll'
1171	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1172	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1173	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\cryptsp.dll'
1174	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1175	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1176	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcryptprimitives.dll'
1177	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1178	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1179	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\bcrypt.dll'
1180	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1181	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1182	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll'
1183	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1184	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1185	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\msasn1.dll'
1186	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1187	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1188	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll'
1189	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1190	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSupLib.dll'
1191	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1192	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.exe'
1193	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1194	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1195	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\KernelBase.dll'
1196	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1197	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1198	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel32.dll'
1199	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1200	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x5ad46780fa5df300 DC=com, DC=microsoft, CN=Microsoft Root Certificate Authority
1201	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xea5386456178582b C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
1202	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x3be670c1bd02a900 OU=Copyright (c) 1997 Microsoft Corp., OU=Microsoft Corporation, CN=Microsoft Root Authority
1203	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x4d3835aa4180b200 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
1204	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x10e0229c091abf00 C=CZ, ST=Moravia, L=Brno, O=AVG Technologies cz, OU=Engineering, CN=AVG Technologies
1205	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x646e3fe3ba08df00 C=US, O=MSFT, CN=Microsoft Authenticode(tm) Root Authority
1206	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xece4e4289e08b900 C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
1207	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x43a9cc371ff5385a O=Microsoft Trust Network, OU=Microsoft Corporation, OU=Microsoft Time Stamping Service Root, OU=Copyright (c) 1997 Microsoft Corp.
1208	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x2e2d2c7c68f0202e O=VeriSign Trust Network, OU=VeriSign, Inc., OU=VeriSign Time Stamping Service Root, OU=NO LIABILITY ACCEPTED, (c)97 VeriSign, Inc.
1209	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x61a3a33f81aace00 C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Object
1210	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xf4fd306318ccda00 C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
1211	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x3d98ab22bb04a300 C=IE, O=Baltimore, OU=CyberTrust, CN=Baltimore CyberTrust Root
1212	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xa0ee62086758b15d C=US, O=Equifax, OU=Equifax Secure Certificate Authority
1213	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xa3ce8d99e60eda00 C=BE, O=GlobalSign nv-sa, OU=Root CA, CN=GlobalSign Root CA
1214	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xa8de7211e13be200 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Global Root CA
1215	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x7ae89c50f0b6a00f C=US, O=GTE Corporation, OU=GTE CyberTrust Solutions, Inc., CN=GTE CyberTrust Global Root
1216	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xd45980fbf0a0ac00 C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
1217	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x14018a1bf29e595c C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
1218	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x9e5bc2d78b6a3636 C=ZA, ST=Western Cape, L=Cape Town, O=Thawte Consulting cc, OU=Certification Services Division, CN=Thawte Premium Server CA, Email=premium-server@thawte.com
1219	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xd4fbe673e5ccc600 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert High Assurance EV Root CA
1220	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x357a29080824af00 C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
1221	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x59faf1086271bf00 C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., CN=Go Daddy Root Certificate Authority - G2
1222	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x466cbc09db88c100 C=IL, O=StartCom Ltd., OU=Secure Digital Certificate Signing, CN=StartCom Certification Authority
1223	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x491857ead79dde00 C=US, O=The Go Daddy Group, Inc., OU=Go Daddy Class 2 Certification Authority
1224	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0x8043e4ce150ead00 C=US, O=DigiCert Inc, OU=www.digicert.com, CN=DigiCert Assured ID Root CA
1225	10a4.2c8: supR3HardenedWinIsDesiredRootCA: Adding 0xf2e6331af7b700 C=SE, O=AddTrust AB, OU=AddTrust External TTP Network, CN=AddTrust External CA Root
1226	10a4.2c8: supR3HardenedWinRetrieveTrustedRootCAs: cAdded=26
1227	10a4.2c8: SUPR3HardenedMain: Load Runtime...
1228	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1229	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1230	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
1231	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
1232	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'rpcrt4.dll'.
1233	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll) WinVerifyTrust
1234	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1235	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1236	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1237	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
1238	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1239	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1240	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1241	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1242	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'nsi.dll'.
1243	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'rpcrt4.dll'.
1244	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ws2_32.dll) WinVerifyTrust
1245	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
1246	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1247	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1248	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1249	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1250	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
1251	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
1252	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
1253	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\nsi.dll'.
1254	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\nsi.dll)
1255	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\nsi.dll
1256	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1257	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
1258	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll) WinVerifyTrust
1259	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1260	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1261	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1262	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
1263	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1264	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1265	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1266	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll)
1267	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
1268	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1269	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1270	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll) WinVerifyTrust
1271	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1272	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1273	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1274	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1275	10a4.2c8: supR3HardenedDllNotificationCallback: load 0000000077910000 LB 0x000d2000 C:\Program Files\Oracle\VirtualBox\MSVCR100.dll [fFlags=0x0]
1276	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [avoiding WinVerifyTrust]
1277	10a4.2c8: supR3HardenedDllNotificationCallback: load 0000000077870000 LB 0x00098000 C:\Program Files\Oracle\VirtualBox\MSVCP100.dll [fFlags=0x0]
1278	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1279	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe7250000 LB 0x00009000 C:\Windows\system32\NSI.dll [fFlags=0x0]
1280	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [avoiding WinVerifyTrust]
1281	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6690000 LB 0x00058000 C:\Windows\system32\WS2_32.dll [fFlags=0x0]
1282	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
1283	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe91a0000 LB 0x00543000 C:\Program Files\Oracle\VirtualBox\VBoxRT.dll [fFlags=0x0]
1284	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1285	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'.
1286	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rescheduled]
1287	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\nsi.dll'.
1288	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rescheduled]
1289	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1290	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1291	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1292	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1293	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1294	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1295	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1296	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1297	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1298	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1299	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1300	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1301	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1302	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1303	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1304	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1305	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1306	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1307	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1308	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1309	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1310	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1311	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1312	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1313	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1314	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1315	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1316	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1317	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1318	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1319	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1320	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1321	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1322	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1323	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1324	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1325	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1326	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1327	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1328	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1329	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1330	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1331	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1332	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxRT.dll
1333	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxRT.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1334	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1335	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1336	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1337	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe91a0000 'C:\Program Files\Oracle\VirtualBox\VBoxRT.dll'
1338	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\system32\Wintrust.dll'
1339	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1340	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1341	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1342	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1343	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
1344	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
1345	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1346	10a4.2c8: SUPR3HardenedMain: Load TrustedMain...
1347	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1348	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1349	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
1350	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcp100.dll'.
1351	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcr100.dll'.
1352	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1353	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'qtguivbox4.dll'.
1354	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'qtnetworkvbox4.dll'.
1355	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'qtopenglvbox4.dll'.
1356	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'user32.dll'.
1357	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'gdi32.dll'.
1358	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'advapi32.dll'.
1359	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'shell32.dll'.
1360	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'ole32.dll'.
1361	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'oleaut32.dll'.
1362	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'comdlg32.dll'.
1363	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'winmm.dll'.
1364	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll) WinVerifyTrust
1365	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
1366	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1367	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1368	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1369	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1370	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'winmmbase.dll'.
1371	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
1372	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'user32.dll'.
1373	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmm.dll) WinVerifyTrust
1374	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmm.dll
1375	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1376	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1377	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000474 pwszName=\Device\HarddiskVolume4\Windows\System32\comdlg32.dll
1378	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
1379	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
1380	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=60247C73B442DC5C383C0B76D9A2D4B13B1CFCB5
1381	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1382	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1383	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\user32.dll'.
1384	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #29 'gdi32.dll'.
1385	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\user32.dll)
1386	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\user32.dll
1387	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1388	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1389	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
1390	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmmbase.dll'...
1391	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmmbase.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rcNtRedir=0xc0150008]
1392	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
1393	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1394	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'devobj.dll'.
1395	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winmmbase.dll)
1396	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winmmbase.dll
1397	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'devobj.dll'...
1398	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'devobj.dll' -> '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rcNtRedir=0xc0150008]
1399	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\devobj.dll'.
1400	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1401	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'cfgmgr32.dll'.
1402	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\devobj.dll)
1403	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devobj.dll
1404	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1405	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1406	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1407	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1408	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'.
1409	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'user32.dll'.
1410	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\gdi32.dll)
1411	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\gdi32.dll
1412	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1413	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1414	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1415	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
1416	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
1417	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
1418	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll)
1419	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll
1420	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1421	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1422	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1423	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1424	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2551_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume4\Windows\System32\comdlg32.dll'
1425	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1426	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1427	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'shlwapi.dll'.
1428	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1429	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1430	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'comctl32.dll'.
1431	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'shell32.dll'.
1432	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\comdlg32.dll) WinVerifyTrust
1433	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
1434	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1435	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1436	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1437	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1438	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shell32.dll'.
1439	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1440	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #55 'user32.dll'.
1441	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #57 'shlwapi.dll'.
1442	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #59 'gdi32.dll'.
1443	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shell32.dll)
1444	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shell32.dll
1445	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comctl32.dll'...
1446	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comctl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rcNtRedir=0x0]
1447	10a4.2c8: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'.
1448	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1449	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1450	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1451	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\comctl32.dll)
1452	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\comctl32.dll
1453	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1454	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1455	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1456	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1457	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1458	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1459	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1460	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1461	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
1462	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1463	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
1464	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'gdi32.dll'.
1465	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\shlwapi.dll)
1466	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\shlwapi.dll
1467	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1468	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1469	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1470	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1471	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1472	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1473	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1474	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1475	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1476	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1477	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1478	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1479	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1480	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1481	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1482	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1483	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1484	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1485	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1486	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1487	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1488	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1489	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shlwapi.dll'...
1490	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shlwapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rcNtRedir=0xc0150008]
1491	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [lacks WinVerifyTrust]
1492	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1493	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1494	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1495	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1496	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1497	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1498	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1499	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1500	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'combase.dll'.
1501	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
1502	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\oleaut32.dll) WinVerifyTrust
1503	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
1504	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1505	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1506	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1507	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1508	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
1509	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1510	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1511	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1512	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1513	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'rpcrt4.dll'.
1514	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\combase.dll)
1515	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\combase.dll
1516	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1517	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1518	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1519	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1520	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1521	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1522	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1523	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1524	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
1525	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'rpcrt4.dll'.
1526	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #36 'gdi32.dll'.
1527	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #37 'user32.dll'.
1528	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #38 'combase.dll'.
1529	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ole32.dll) WinVerifyTrust
1530	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ole32.dll
1531	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1532	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1533	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll [redoing WinVerifyTrust]
1534	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1535	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1536	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [lacks WinVerifyTrust]
1537	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1538	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1539	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [lacks WinVerifyTrust]
1540	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1541	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1542	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [lacks WinVerifyTrust]
1543	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1544	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1545	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1546	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1547	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
1548	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1549	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1550	10a4.2c8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\shell32.dll'
1551	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1552	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1553	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1554	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1555	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1556	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll [redoing WinVerifyTrust]
1557	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1558	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1559	10a4.2c8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\gdi32.dll'
1560	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1561	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1562	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll [redoing WinVerifyTrust]
1563	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1564	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1565	10a4.2c8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\user32.dll'
1566	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtopenglvbox4.dll'...
1567	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtopenglvbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtopenglvbox4.dll' [rcNtRedir=0xc0150008]
1568	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1569	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'opengl32.dll'.
1570	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'gdi32.dll'.
1571	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
1572	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'qtguivbox4.dll'.
1573	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'qtcorevbox4.dll'.
1574	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcr100.dll'.
1575	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll) WinVerifyTrust
1576	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1577	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtnetworkvbox4.dll'...
1578	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtnetworkvbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtnetworkvbox4.dll' [rcNtRedir=0xc0150008]
1579	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1580	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1581	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
1582	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1583	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1584	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'.
1585	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'user32.dll'.
1586	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'ole32.dll'.
1587	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1588	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
1589	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcp100.dll'.
1590	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'msvcr100.dll'.
1591	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll)
1592	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1593	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1594	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1595	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'.
1596	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'gdi32.dll'.
1597	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'comdlg32.dll'.
1598	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'oleaut32.dll'.
1599	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'imm32.dll'.
1600	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winmm.dll'.
1601	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winspool.drv'.
1602	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ole32.dll'.
1603	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1604	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'advapi32.dll'.
1605	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'shell32.dll'.
1606	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'qtcorevbox4.dll'.
1607	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'msvcp100.dll'.
1608	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'msvcr100.dll'.
1609	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll)
1610	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1611	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1612	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1613	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
1614	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1615	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1616	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
1617	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1618	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1619	10a4.2c8: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'.
1620	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1621	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
1622	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
1623	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'glu32.dll'.
1624	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'ddraw.dll'.
1625	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
1626	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\opengl32.dll)
1627	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\opengl32.dll
1628	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1629	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1630	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ddraw.dll'...
1631	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ddraw.dll' -> '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rcNtRedir=0xc0150008]
1632	10a4.2c8: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\ddraw.dll'.
1633	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1634	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #16 'user32.dll'.
1635	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #17 'gdi32.dll'.
1636	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'dciman32.dll'.
1637	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\ddraw.dll)
1638	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ddraw.dll
1639	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'glu32.dll'...
1640	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'glu32.dll' -> '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rcNtRedir=0xc0150008]
1641	10a4.2c8: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
1642	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1643	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'opengl32.dll'.
1644	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
1645	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\glu32.dll)
1646	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\glu32.dll
1647	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1648	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1649	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
1650	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1651	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1652	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1653	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1654	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1655	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1656	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1657	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
1658	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1659	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1660	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1661	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1662	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1663	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
1664	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'shell32.dll'...
1665	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'shell32.dll' -> '\Device\HarddiskVolume4\Windows\System32\shell32.dll' [rcNtRedir=0xc0150008]
1666	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
1667	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1668	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1669	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1670	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1671	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1672	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1673	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1674	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
1675	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winspool.drv'...
1676	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winspool.drv' -> '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rcNtRedir=0xc0150008]
1677	10a4.2c8: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\winspool.drv'.
1678	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1679	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\winspool.drv)
1680	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winspool.drv
1681	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
1682	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
1683	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
1684	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1685	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1686	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
1687	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'user32.dll'.
1688	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'msctf.dll'.
1689	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\imm32.dll)
1690	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\imm32.dll
1691	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
1692	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
1693	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
1694	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'comdlg32.dll'...
1695	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'comdlg32.dll' -> '\Device\HarddiskVolume4\Windows\System32\comdlg32.dll' [rcNtRedir=0xc0150008]
1696	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
1697	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1698	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1699	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1700	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1701	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
1702	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1703	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1704	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1705	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1706	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1707	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
1708	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1709	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1710	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1711	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
1712	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
1713	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
1714	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1715	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1716	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msctf.dll'...
1717	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msctf.dll' -> '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rcNtRedir=0xc0150008]
1718	10a4.2c8: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msctf.dll'.
1719	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1720	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #23 'user32.dll'.
1721	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #24 'gdi32.dll'.
1722	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'imm32.dll'.
1723	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\msctf.dll)
1724	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\msctf.dll
1725	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1726	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1727	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1728	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1729	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1730	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1731	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1732	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1733	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [lacks WinVerifyTrust]
1734	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1735	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1736	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dciman32.dll'...
1737	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'dciman32.dll' -> '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rcNtRedir=0xc0150008]
1738	10a4.2c8: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\dciman32.dll'.
1739	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1740	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'gdi32.dll'.
1741	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1742	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dciman32.dll)
1743	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dciman32.dll
1744	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1745	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1746	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1747	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1748	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1749	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1750	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1751	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1752	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1753	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1754	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1755	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1756	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'imm32.dll'...
1757	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'imm32.dll' -> '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rcNtRedir=0xc0150008]
1758	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [lacks WinVerifyTrust]
1759	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1760	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1761	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1762	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1763	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\user32.dll
1764	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1765	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1766	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1767	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ws2_32.dll'.
1768	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'qtcorevbox4.dll'.
1769	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msvcr100.dll'.
1770	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll) WinVerifyTrust
1771	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1772	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtguivbox4.dll'...
1773	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtguivbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtguivbox4.dll' [rcNtRedir=0xc0150008]
1774	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [redoing WinVerifyTrust]
1775	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1776	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1777	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [lacks WinVerifyTrust]
1778	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1779	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1780	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [lacks WinVerifyTrust]
1781	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
1782	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
1783	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
1784	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1785	10a4.2c8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll'
1786	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'qtcorevbox4.dll'...
1787	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'qtcorevbox4.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\qtcorevbox4.dll' [rcNtRedir=0xc0150008]
1788	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [redoing WinVerifyTrust]
1789	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1790	10a4.2c8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll'
1791	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
1792	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
1793	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll [redoing WinVerifyTrust]
1794	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1795	10a4.2c8: supR3HardenedScreenImage/Imports: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll'
1796	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
1797	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
1798	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
1799	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
1800	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
1801	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'opengl32.dll'...
1802	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'opengl32.dll' -> '\Device\HarddiskVolume4\Windows\System32\opengl32.dll' [rcNtRedir=0xc0150008]
1803	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll [redoing WinVerifyTrust]
1804	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000003bc pwszName=\Device\HarddiskVolume4\Windows\System32\opengl32.dll
1805	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
1806	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
1807	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=E7B21317A30D467EC23A2D5AE5A00919E81ECF45
1808	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1809	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1810	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
1811	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1812	10a4.2c8: supR3HardenedScreenImage/Imports: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\opengl32.dll'
1813	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VirtualBox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000a01:<flags> [calling]
1814	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
1815	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
1816	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1817	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1818	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1819	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1820	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
1821	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1822	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
1823	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
1824	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
1825	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'advapi32.dll'.
1826	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'gdi32.dll'.
1827	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
1828	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll)
1829	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll
1830	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1831	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
1832	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
1833	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
1834	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1835	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #33 'combase.dll'.
1836	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\SHCore.dll)
1837	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\SHCore.dll
1838	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe70d0000 LB 0x00171000 C:\Windows\system32\USER32.dll [fFlags=0x0]
1839	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6a70000 LB 0x00145000 C:\Windows\system32\GDI32.dll [fFlags=0x0]
1840	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe2a10000 LB 0x00009000 C:\Windows\SYSTEM32\DCIMAN32.dll [fFlags=0x0]
1841	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dciman32.dll [avoiding WinVerifyTrust]
1842	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffdc5a0000 LB 0x000f4000 C:\Windows\SYSTEM32\DDRAW.dll [fFlags=0x0]
1843	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\ddraw.dll [avoiding WinVerifyTrust]
1844	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe2a20000 LB 0x0002c000 C:\Windows\SYSTEM32\GLU32.dll [fFlags=0x0]
1845	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\glu32.dll [avoiding WinVerifyTrust]
1846	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffdd430000 LB 0x00121000 C:\Windows\SYSTEM32\OPENGL32.dll [fFlags=0x0]
1847	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\opengl32.dll
1848	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe88a0000 LB 0x001d6000 C:\Windows\SYSTEM32\combase.dll [fFlags=0x0]
1849	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [avoiding WinVerifyTrust]
1850	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6890000 LB 0x00178000 C:\Windows\system32\ole32.dll [fFlags=0x0]
1851	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
1852	10a4.2c8: supR3HardenedDllNotificationCallback: load 0000000077590000 LB 0x002de000 C:\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll [fFlags=0x0]
1853	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtCoreVBox4.dll
1854	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe7260000 LB 0x00051000 C:\Windows\system32\SHLWAPI.dll [fFlags=0x0]
1855	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shlwapi.dll [avoiding WinVerifyTrust]
1856	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6250000 LB 0x000a1000 C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\COMCTL32.dll [fFlags=0x0]
1857	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll [avoiding WinVerifyTrust]
1858	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe73c0000 LB 0x01420000 C:\Windows\system32\SHELL32.dll [fFlags=0x0]
1859	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
1860	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe46c0000 LB 0x0009f000 C:\Windows\SYSTEM32\SHCORE.DLL [fFlags=0x0]
1861	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\SHCore.dll [avoiding WinVerifyTrust]
1862	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe72c0000 LB 0x0009a000 C:\Windows\system32\COMDLG32.dll [fFlags=0x0]
1863	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\comdlg32.dll
1864	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe87e0000 LB 0x000b7000 C:\Windows\system32\OLEAUT32.dll [fFlags=0x0]
1865	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
1866	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6510000 LB 0x00139000 C:\Windows\system32\MSCTF.dll [fFlags=0x0]
1867	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msctf.dll [avoiding WinVerifyTrust]
1868	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6650000 LB 0x00034000 C:\Windows\system32\IMM32.dll [fFlags=0x0]
1869	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [avoiding WinVerifyTrust]
1870	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5fd0000 LB 0x0004a000 C:\Windows\SYSTEM32\cfgmgr32.dll [fFlags=0x0]
1871	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [avoiding WinVerifyTrust]
1872	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe4ca0000 LB 0x00026000 C:\Windows\SYSTEM32\DEVOBJ.dll [fFlags=0x0]
1873	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\devobj.dll [avoiding WinVerifyTrust]
1874	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe3850000 LB 0x0002a000 C:\Windows\SYSTEM32\WINMMBASE.dll [fFlags=0x0]
1875	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmmbase.dll [avoiding WinVerifyTrust]
1876	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe3880000 LB 0x0001f000 C:\Windows\SYSTEM32\WINMM.dll [fFlags=0x0]
1877	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
1878	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffdf3b0000 LB 0x0007b000 C:\Windows\SYSTEM32\WINSPOOL.DRV [fFlags=0x0]
1879	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\winspool.drv [avoiding WinVerifyTrust]
1880	10a4.2c8: supR3HardenedDllNotificationCallback: load 0000000076c20000 LB 0x0096c000 C:\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll [fFlags=0x0]
1881	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtGuiVBox4.dll
1882	10a4.2c8: supR3HardenedDllNotificationCallback: load 0000000076b10000 LB 0x00105000 C:\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll [fFlags=0x0]
1883	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtNetworkVBox4.dll
1884	10a4.2c8: supR3HardenedDllNotificationCallback: load 0000000076a30000 LB 0x000dc000 C:\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll [fFlags=0x0]
1885	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\QtOpenGLVBox4.dll
1886	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffbbbb0000 LB 0x00ab1000 C:\Program Files\Oracle\VirtualBox\VirtualBox.dll [fFlags=0x0]
1887	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VirtualBox.dll
1888	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\SHCore.dll'.
1889	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\SHCore.dll' [rescheduled]
1890	10a4.2c8: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll'.
1891	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll' [rescheduled]
1892	10a4.2c8: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\dciman32.dll'.
1893	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\dciman32.dll' [rescheduled]
1894	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\msctf.dll'.
1895	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\msctf.dll' [rescheduled]
1896	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
1897	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\imm32.dll' [rescheduled]
1898	10a4.2c8: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\winspool.drv'.
1899	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winspool.drv' [rescheduled]
1900	10a4.2c8: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\glu32.dll'.
1901	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\glu32.dll' [rescheduled]
1902	10a4.2c8: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\ddraw.dll'.
1903	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\ddraw.dll' [rescheduled]
1904	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1905	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rescheduled]
1906	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll'.
1907	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\shlwapi.dll' [rescheduled]
1908	10a4.2c8: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\comctl32.dll'.
1909	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\comctl32.dll' [rescheduled]
1910	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll'.
1911	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rescheduled]
1912	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\devobj.dll'.
1913	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\devobj.dll' [rescheduled]
1914	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll'.
1915	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winmmbase.dll' [rescheduled]
1916	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\imm32.dll [redoing WinVerifyTrust]
1917	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\imm32.dll'.
1918	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\imm32.dll
1919	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'combase.dll'...
1920	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'combase.dll' -> '\Device\HarddiskVolume4\Windows\System32\combase.dll' [rcNtRedir=0xc0150008]
1921	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\combase.dll [redoing WinVerifyTrust]
1922	10a4.2c8: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\combase.dll'.
1923	10a4.2c8: supR3HardenedScreenImage/Imports: WinVerifyTrust not available, rescheduling \Device\HarddiskVolume4\Windows\System32\combase.dll
1924	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1925	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1926	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1927	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1928	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1929	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1930	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
1931	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
1932	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
1933	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\imm32.dll (Input=imm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1934	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6650000 'C:\Windows\system32\imm32.dll'
1935	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffbbbb0000 'C:\Program Files\Oracle\VirtualBox\VirtualBox.dll'
1936	10a4.2c8: SUPR3HardenedMain: Calling TrustedMain (00007fffbbbb1770)...
1937	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
1938	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\winmm.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
1939	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3880000 'C:\Windows\system32\winmm.dll'
1940	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000600 pwszName=\Device\HarddiskVolume4\Windows\System32\uxtheme.dll
1941	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
1942	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
1943	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=4235D21C52BC6FC9D5B6A7B3CE61ED85F804B2B7
1944	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1945	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1946	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_2550_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume4\Windows\System32\uxtheme.dll'
1947	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
1948	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1949	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #25 'user32.dll'.
1950	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'gdi32.dll'.
1951	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\uxtheme.dll) WinVerifyTrust
1952	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
1953	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1954	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1955	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1956	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1957	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1958	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1959	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
1960	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
1961	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe4b50000 LB 0x00121000 C:\Windows\system32\uxtheme.dll [fFlags=0x0]
1962	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
1963	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe4b50000 'C:\Windows\system32\uxtheme.dll'
1964	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
1965	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
1966	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe4b50000 'C:\Windows\system32\uxtheme.dll'
1967	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
1968	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
1969	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe4b50000 'C:\Windows\system32\uxtheme.dll'
1970	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
1971	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
1972	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe4b50000 'C:\Windows\system32\uxtheme.dll'
1973	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
1974	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #14 'user32.dll'.
1975	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'gdi32.dll'.
1976	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dwmapi.dll)
1977	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dwmapi.dll
1978	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe44f0000 LB 0x00020000 C:\Windows\system32\dwmapi.dll [fFlags=0x0]
1979	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dwmapi.dll [avoiding WinVerifyTrust]
1980	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'msvcrt.dll'.
1981	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'rpcrt4.dll'.
1982	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll)
1983	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll
1984	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe4b40000 LB 0x0000a000 C:\Windows\SYSTEM32\kernel.appcore.dll [fFlags=0x0]
1985	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll [avoiding WinVerifyTrust]
1986	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
1987	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
1988	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1989	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1990	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
1991	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
1992	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\gdi32.dll
1993	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
1994	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
1995	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
1996	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
1997	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
1998	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
1999	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kernel.appcore.dll'
2000	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2001	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2002	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dwmapi.dll'
2003	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
2004	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2005	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32\shell32.dll'
2006	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2007	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2008	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6f30000 'C:\Windows\system32\kernel32.dll'
2009	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
2010	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2011	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe4b50000 'C:\Windows\system32\uxtheme.dll'
2012	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
2013	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2014	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe4b50000 'C:\Windows\system32\uxtheme.dll'
2015	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2016	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2017	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
2018	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe70d0000 'C:\Windows\system32\user32.dll'
2019	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\uxtheme.dll
2020	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\uxtheme.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2021	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe4b50000 'C:\Windows\system32\uxtheme.dll'
2022	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe70d0000 'C:\Windows\system32\user32.dll'
2023	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\advapi32.dll
2024	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\advapi32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2025	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6bc0000 'C:\Windows\system32\advapi32.dll'
2026	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2027	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2028	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2029	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
2030	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #21 'profapi.dll'.
2031	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\userenv.dll) WinVerifyTrust
2032	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\userenv.dll
2033	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'profapi.dll'...
2034	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'profapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\profapi.dll' [rcNtRedir=0xc0150008]
2035	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\profapi.dll
2036	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2037	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2038	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2039	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2040	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\userenv.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2041	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
2042	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe5400000 LB 0x0001e000 C:\Windows\system32\userenv.dll [fFlags=0x0]
2043	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
2044	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe5400000 'C:\Windows\system32\userenv.dll'
2045	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2046	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2047	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6f30000 'C:\Windows\system32\kernel32.dll'
2048	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2049	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #26 'rpcrt4.dll'.
2050	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\clbcatq.dll)
2051	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\clbcatq.dll
2052	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe6450000 LB 0x000a4000 C:\Windows\SYSTEM32\clbcatq.dll [fFlags=0x0]
2053	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\clbcatq.dll [avoiding WinVerifyTrust]
2054	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2055	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2056	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2057	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2058	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2059	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2060	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\clbcatq.dll'
2061	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2062	10a4.ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2063	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2064	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2065	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'psapi.dll'.
2066	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
2067	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2068	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'version.dll'.
2069	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'ws2_32.dll'.
2070	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'ole32.dll'.
2071	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'oleaut32.dll'.
2072	10a4.ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll) WinVerifyTrust
2073	10a4.ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
2074	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2075	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2076	10a4.ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2077	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2078	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2079	10a4.ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2080	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2081	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2082	10a4.ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
2083	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'version.dll'...
2084	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'version.dll' -> '\Device\HarddiskVolume4\Windows\System32\version.dll' [rcNtRedir=0xc0150008]
2085	10a4.ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2086	10a4.ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2087	10a4.ac: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
2088	10a4.ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\version.dll) WinVerifyTrust
2089	10a4.ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\version.dll
2090	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2091	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2092	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2093	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2094	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'psapi.dll'...
2095	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'psapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\psapi.dll' [rcNtRedir=0xc0150008]
2096	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2097	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2098	10a4.ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2099	10a4.ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2100	10a4.ac: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\psapi.dll) WinVerifyTrust
2101	10a4.ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\psapi.dll
2102	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2103	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2104	10a4.ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
2105	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2106	10a4.ac: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2107	10a4.ac: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
2108	10a4.ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxC.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2109	10a4.ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
2110	10a4.ac: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\version.dll
2111	10a4.ac: supR3HardenedDllNotificationCallback: load 00007fffe6c70000 LB 0x00007000 C:\Windows\system32\PSAPI.DLL [fFlags=0x0]
2112	10a4.ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\psapi.dll
2113	10a4.ac: supR3HardenedDllNotificationCallback: load 00007fffe38a0000 LB 0x0000a000 C:\Windows\SYSTEM32\VERSION.dll [fFlags=0x0]
2114	10a4.ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\version.dll
2115	10a4.ac: supR3HardenedDllNotificationCallback: load 00007fffbc820000 LB 0x005d6000 C:\Program Files\Oracle\VirtualBox\VBoxC.dll [fFlags=0x0]
2116	10a4.ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
2117	10a4.ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffbc820000 'C:\Program Files\Oracle\VirtualBox\VBoxC.dll'
2118	10a4.ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2119	10a4.ac: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\System32\oleaut32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2120	10a4.ac: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe87e0000 'C:\Windows\System32\oleaut32.dll'
2121	10a4.ac: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\sxs.dll)
2122	10a4.ac: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\sxs.dll
2123	10a4.ac: supR3HardenedDllNotificationCallback: load 00007fffe5c70000 LB 0x00097000 C:\Windows\SYSTEM32\sxs.dll [fFlags=0x0]
2124	10a4.ac: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\sxs.dll [avoiding WinVerifyTrust]
2125	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=000000000000072c pwszName=\Device\HarddiskVolume4\Windows\System32\sxs.dll
2126	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2127	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2128	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=687F47861CE02066FB64E8228B3C4D091FA20854
2129	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2130	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2131	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\ntph.cat'; file='\Device\HarddiskVolume4\Windows\System32\sxs.dll'
2132	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2133	10a4.2c8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\sxs.dll'
2134	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2135	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2136	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe87e0000 'C:\Windows\system32\OLEAUT32.dll'
2137	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: error opening 'C:\Windows\system32\wintab32.dll': 0 (NtPath=\??\C:\Windows\system32\wintab32.dll; Input=C:\Windows\system32\wintab32.dll; rcNtGetDll=0x0
2138	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wintab32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2139	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0xc0000135 'C:\Windows\system32\wintab32.dll'
2140	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6a70000 'C:\Windows\system32\gdi32.dll'
2141	10a4.828: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2142	10a4.828: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2143	10a4.828: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2144	10a4.828: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2145	10a4.828: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2146	10a4.828: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll) WinVerifyTrust
2147	10a4.828: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
2148	10a4.828: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2149	10a4.828: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2150	10a4.828: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2151	10a4.828: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2152	10a4.828: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2153	10a4.828: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
2154	10a4.828: supR3HardenedDllNotificationCallback: load 00007fffe9740000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.DLL [fFlags=0x0]
2155	10a4.828: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxPuelMain.dll
2156	10a4.828: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9740000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxPuelMain.DLL'
2157	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe70d0000 'C:\Windows\system32\user32.dll'
2158	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
2159	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2160	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32\shell32.dll'
2161	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2162	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2163	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6890000 'C:\Windows\system32\ole32.dll'
2164	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2165	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\ole32.dll (Input=ole32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2166	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6890000 'C:\Windows\system32\ole32.dll'
2167	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2168	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2169	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe87e0000 'C:\Windows\system32\OLEAUT32.dll'
2170	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000ae0 pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
2171	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2172	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2173	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=9DDE8958CF9B37EEDE4BB8E28DDA8308284C8A55
2174	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2175	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2176	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll'
2177	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2178	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2179	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'ws2_32.dll'.
2180	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
2181	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll) WinVerifyTrust
2182	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
2183	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2184	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2185	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000b4c pwszName=\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2186	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2187	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2188	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C8CF4605B4B026F3426876C8B971F3B65D680FCA
2189	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2190	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2191	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll'
2192	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2193	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2194	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #15 'ws2_32.dll'.
2195	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll) WinVerifyTrust
2196	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2197	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2198	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2199	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
2200	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2201	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2202	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2203	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2204	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
2205	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2206	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2207	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2208	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
2209	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2210	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffdeb20000 LB 0x0007f000 C:\Windows\SYSTEM32\wbemcomn.dll [fFlags=0x0]
2211	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2212	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffdcab0000 LB 0x0000f000 C:\Windows\system32\wbem\wbemprox.dll [fFlags=0x0]
2213	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemprox.dll
2214	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=API-MS-Win-Core-LocalRegistry-L1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2215	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe5ec0000 'API-MS-Win-Core-LocalRegistry-L1-1-0.dll'
2216	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffdcab0000 'C:\Windows\system32\wbem\wbemprox.dll'
2217	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a3c pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
2218	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2219	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2220	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5505CC12F45E4619D5CC78CCE8BF1B3C49D7BE0E
2221	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rsaenh.dll
2222	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\rsaenh.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2223	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2224	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2225	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll'
2226	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2227	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2228	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2229	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll) WinVerifyTrust
2230	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
2231	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2232	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2233	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2234	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2235	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\msvcrt.dll
2236	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\wbemsvc.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2237	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
2238	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffde310000 LB 0x00014000 C:\Windows\system32\wbem\wbemsvc.dll [fFlags=0x0]
2239	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\wbemsvc.dll
2240	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffde310000 'C:\Windows\system32\wbem\wbemsvc.dll'
2241	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-l1-2-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2242	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe5ec0000 'api-ms-win-core-localization-l1-2-0.dll'
2243	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=api-ms-win-core-localization-obsolete-l1-1-0.dll (rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2244	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe5ec0000 'api-ms-win-core-localization-obsolete-l1-1-0.dll'
2245	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000a4c pwszName=\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
2246	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2247	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2248	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=3F29F8F4F858A7AFDF4CD047A78948C26E8333B6
2249	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2250	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2251	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-admin~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll'
2252	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2253	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2254	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #18 'wbemcomn.dll'.
2255	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll) WinVerifyTrust
2256	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
2257	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'wbemcomn.dll'...
2258	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'wbemcomn.dll' -> '\Device\HarddiskVolume4\Windows\System32\wbemcomn.dll' [rcNtRedir=0xc0150008]
2259	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbemcomn.dll
2260	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2261	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2262	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\wbem\fastprox.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000009:<flags> [calling]
2263	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
2264	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffde330000 LB 0x000e4000 C:\Windows\system32\wbem\fastprox.dll [fFlags=0x0]
2265	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\wbem\fastprox.dll
2266	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffde330000 'C:\Windows\system32\wbem\fastprox.dll'
2267	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2268	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\OLEAUT32.dll (Input=OLEAUT32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2269	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe87e0000 'C:\Windows\system32\OLEAUT32.dll'
2270	10a4.478: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2271	10a4.478: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2272	10a4.478: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrem.dll'.
2273	10a4.478: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2274	10a4.478: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll) WinVerifyTrust
2275	10a4.478: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2276	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2277	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2278	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrem.dll'...
2279	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrem.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrem.dll' [rcNtRedir=0xc0150008]
2280	10a4.478: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2281	10a4.478: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'vboxrt.dll'.
2282	10a4.478: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2283	10a4.478: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'msvcrt.dll'.
2284	10a4.478: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxREM.dll) WinVerifyTrust
2285	10a4.478: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxREM.dll
2286	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2287	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2288	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2289	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2290	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2291	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2292	10a4.478: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2293	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2294	10a4.478: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2295	10a4.478: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2296	10a4.478: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2297	10a4.478: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxREM.dll
2298	10a4.478: supR3HardenedDllNotificationCallback: load 0000000076570000 LB 0x0010a000 C:\Program Files\Oracle\VirtualBox\VBoxREM.dll [fFlags=0x0]
2299	10a4.478: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxREM.dll
2300	10a4.478: supR3HardenedDllNotificationCallback: load 00007fffd4de0000 LB 0x00293000 C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL [fFlags=0x0]
2301	10a4.478: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2302	10a4.478: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd4de0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2303	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2304	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ndis.sys'.
2305	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ntoskrnl.exe'.
2306	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\drivers\VBoxNetAdp6.sys)
2307	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\drivers\VBoxNetAdp6.sys
2308	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\drivers\VBoxNetAdp6.sys [avoiding WinVerifyTrust]
2309	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2310	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
2311	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
2312	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\drivers\VBoxNetLwf.sys)
2313	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\drivers\VBoxNetLwf.sys
2314	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\drivers\VBoxNetLwf.sys [avoiding WinVerifyTrust]
2315	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2316	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\drivers\VBoxUSBMon.sys)
2317	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\drivers\VBoxUSBMon.sys
2318	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\drivers\VBoxUSBMon.sys [avoiding WinVerifyTrust]
2319	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2320	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\drivers\VBoxDrv.sys)
2321	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\drivers\VBoxDrv.sys
2322	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\drivers\VBoxDrv.sys [avoiding WinVerifyTrust]
2323	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2324	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2325	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe'.
2326	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'pshed.dll'.
2327	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'hal.dll'.
2328	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'bootvid.dll'.
2329	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'kdcom.dll'.
2330	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #12 'ci.dll'.
2331	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #13 'msrpc.sys'.
2332	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe)
2333	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe
2334	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2335	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2336	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2337	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
2338	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume4\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
2339	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\drivers\netio.sys'.
2340	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2341	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'ndis.sys'.
2342	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'msrpc.sys'.
2343	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\drivers\netio.sys)
2344	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\drivers\netio.sys
2345	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2346	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2347	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys'.
2348	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2349	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2350	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'netio.sys'.
2351	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys)
2352	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys
2353	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2354	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2355	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2356	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2357	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2358	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2359	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2360	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2361	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys [lacks WinVerifyTrust]
2362	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'netio.sys'...
2363	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'netio.sys' -> '\Device\HarddiskVolume4\Windows\System32\drivers\netio.sys' [rcNtRedir=0xc0150008]
2364	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\drivers\netio.sys [lacks WinVerifyTrust]
2365	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2366	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume4\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
2367	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\hal.dll'.
2368	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2369	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'kdcom.dll'.
2370	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'pshed.dll'.
2371	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\hal.dll)
2372	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\hal.dll
2373	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2374	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2375	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2376	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msrpc.sys'...
2377	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msrpc.sys' -> '\Device\HarddiskVolume4\Windows\System32\drivers\msrpc.sys' [rcNtRedir=0xc0150008]
2378	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\drivers\msrpc.sys'.
2379	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2380	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\drivers\msrpc.sys)
2381	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\drivers\msrpc.sys
2382	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ndis.sys'...
2383	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ndis.sys' -> '\Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys' [rcNtRedir=0xc0150008]
2384	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys [lacks WinVerifyTrust]
2385	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2386	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2387	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2388	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msrpc.sys'...
2389	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Failed to locate 'msrpc.sys'
2390	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ci.dll'...
2391	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ci.dll' -> '\Device\HarddiskVolume4\Windows\System32\ci.dll' [rcNtRedir=0xc0150008]
2392	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\ci.dll'.
2393	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2394	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\ci.dll)
2395	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\ci.dll
2396	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
2397	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume4\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
2398	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\kdcom.dll'.
2399	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2400	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2401	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\kdcom.dll)
2402	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\kdcom.dll
2403	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'bootvid.dll'...
2404	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'bootvid.dll' -> '\Device\HarddiskVolume4\Windows\System32\bootvid.dll' [rcNtRedir=0xc0150008]
2405	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\BOOTVID.DLL'.
2406	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2407	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\BOOTVID.DLL)
2408	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\BOOTVID.DLL
2409	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2410	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume4\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
2411	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\hal.dll [lacks WinVerifyTrust]
2412	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
2413	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume4\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
2414	10a4.134c: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\PSHED.DLL'.
2415	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'ntoskrnl.exe'.
2416	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'hal.dll'.
2417	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\PSHED.DLL)
2418	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\PSHED.DLL
2419	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2420	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume4\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
2421	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\hal.dll [lacks WinVerifyTrust]
2422	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2423	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2424	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2425	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2426	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2427	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2428	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'hal.dll'...
2429	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'hal.dll' -> '\Device\HarddiskVolume4\Windows\System32\hal.dll' [rcNtRedir=0xc0150008]
2430	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\hal.dll [lacks WinVerifyTrust]
2431	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2432	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2433	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2434	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2435	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2436	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2437	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2438	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2439	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2440	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'pshed.dll'...
2441	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'pshed.dll' -> '\Device\HarddiskVolume4\Windows\System32\pshed.dll' [rcNtRedir=0xc0150008]
2442	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\PSHED.DLL [lacks WinVerifyTrust]
2443	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'kdcom.dll'...
2444	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'kdcom.dll' -> '\Device\HarddiskVolume4\Windows\System32\kdcom.dll' [rcNtRedir=0xc0150008]
2445	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kdcom.dll [lacks WinVerifyTrust]
2446	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ntoskrnl.exe'...
2447	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'ntoskrnl.exe' -> '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe' [rcNtRedir=0xc0150008]
2448	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe [lacks WinVerifyTrust]
2449	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2450	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\drivers\VBoxDrv.sys'
2451	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2452	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\drivers\VBoxUSBMon.sys'
2453	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2454	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\drivers\VBoxNetLwf.sys'
2455	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2456	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\drivers\VBoxNetAdp6.sys'
2457	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2458	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2459	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\PSHED.DLL'
2460	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2461	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2462	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\BOOTVID.DLL'
2463	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2464	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2465	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\kdcom.dll'
2466	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2467	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2468	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ci.dll'
2469	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2470	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2471	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\drivers\msrpc.sys'
2472	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2473	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2474	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\hal.dll'
2475	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2476	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2477	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\drivers\ndis.sys'
2478	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2479	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2480	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\drivers\netio.sys'
2481	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2482	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: 'C:\Windows\system32\comctl32.dll' -> 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll' [redir]
2483	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll [redoing WinVerifyTrust]
2484	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000548 pwszName=\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll
2485	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2486	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2487	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=0B6F85C85728A0522988F3BA15B32993C5E6F65A
2488	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2489	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2490	10a4.134c: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\ntoskrnl.exe'
2491	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2492	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2493	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-shell~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll'
2494	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2495	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll'
2496	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll (Input=C:\Windows\system32\comctl32.dll, rcNtResolve=0x0) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2497	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6250000 'C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.9600.16384_none_34a8918f959016ea\comctl32.dll'
2498	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2499	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2500	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2501	10a4.134c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2502	10a4.134c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll) WinVerifyTrust
2503	10a4.134c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2504	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2505	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2506	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2507	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2508	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2509	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2510	10a4.134c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2511	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2512	10a4.134c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2513	10a4.134c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2514	10a4.134c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2515	10a4.134c: supR3HardenedDllNotificationCallback: load 00007fffe9750000 LB 0x0000a000 C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL [fFlags=0x0]
2516	10a4.134c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.dll
2517	10a4.134c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9750000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedClipboard.DLL'
2518	10a4.83c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2519	10a4.83c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2520	10a4.83c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2521	10a4.83c: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2522	10a4.83c: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll) WinVerifyTrust
2523	10a4.83c: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2524	10a4.83c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2525	10a4.83c: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2526	10a4.83c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2527	10a4.83c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2528	10a4.83c: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
2529	10a4.83c: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2530	10a4.83c: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2531	10a4.83c: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2532	10a4.83c: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2533	10a4.83c: supR3HardenedDllNotificationCallback: load 00007fffe9720000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL [fFlags=0x0]
2534	10a4.83c: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.dll
2535	10a4.83c: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9720000 'C:\Program Files\Oracle\VirtualBox\VBoxDragAndDropSvc.DLL'
2536	10a4.10dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2537	10a4.10dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2538	10a4.10dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2539	10a4.10dc: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2540	10a4.10dc: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll) WinVerifyTrust
2541	10a4.10dc: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2542	10a4.10dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2543	10a4.10dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2544	10a4.10dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2545	10a4.10dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2546	10a4.10dc: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll
2547	10a4.10dc: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2548	10a4.10dc: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2549	10a4.10dc: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2550	10a4.10dc: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2551	10a4.10dc: supR3HardenedDllNotificationCallback: load 00007fffe9710000 LB 0x0000f000 C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL [fFlags=0x0]
2552	10a4.10dc: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.dll
2553	10a4.10dc: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9710000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestPropSvc.DLL'
2554	10a4.1300: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2555	10a4.1300: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2556	10a4.1300: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcp100.dll'.
2557	10a4.1300: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2558	10a4.1300: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll) WinVerifyTrust
2559	10a4.1300: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2560	10a4.1300: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2561	10a4.1300: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2562	10a4.1300: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcp100.dll'...
2563	10a4.1300: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcp100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcp100.dll' [rcNtRedir=0xc0150008]
2564	10a4.1300: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2565	10a4.1300: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2566	10a4.1300: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2567	10a4.1300: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2568	10a4.1300: supR3HardenedDllNotificationCallback: load 00007fffe90c0000 LB 0x0000e000 C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL [fFlags=0x0]
2569	10a4.1300: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.dll
2570	10a4.1300: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe90c0000 'C:\Program Files\Oracle\VirtualBox\VBoxGuestControlSvc.DLL'
2571	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
2572	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2573	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32/Shell32.dll'
2574	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2575	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2576	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd4de0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2577	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2578	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2579	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2580	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2581	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2582	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'oleaut32.dll'.
2583	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll) WinVerifyTrust
2584	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2585	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'oleaut32.dll'...
2586	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'oleaut32.dll' -> '\Device\HarddiskVolume4\Windows\System32\oleaut32.dll' [rcNtRedir=0xc0150008]
2587	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\oleaut32.dll
2588	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2589	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2590	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2591	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2592	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2593	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2594	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2595	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2596	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2597	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2598	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2599	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe9080000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
2600	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2601	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9080000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
2602	10a4.530: supR3HardenedDllNotificationCallback: Unload 00007fffe9080000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [flags=0x0]
2603	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2604	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2605	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2606	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'dsound.dll'.
2607	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxvmm.dll'.
2608	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'vboxrt.dll'.
2609	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'vboxddu.dll'.
2610	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'vboxdd2.dll'.
2611	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'user32.dll'.
2612	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
2613	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #9 'ws2_32.dll'.
2614	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #10 'ole32.dll'.
2615	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #11 'iphlpapi.dll'.
2616	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll) WinVerifyTrust
2617	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
2618	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'iphlpapi.dll'...
2619	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'iphlpapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\iphlpapi.dll' [rcNtRedir=0xc0150008]
2620	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2621	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2622	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
2623	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'winnsi.dll'.
2624	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL) WinVerifyTrust
2625	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
2626	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2627	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2628	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ole32.dll
2629	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2630	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2631	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
2632	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2633	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2634	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winnsi.dll'...
2635	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'winnsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\winnsi.dll' [rcNtRedir=0xc0150008]
2636	10a4.530: Detected WinVerifyTrust recursion: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winnsi.dll'.
2637	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2638	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'nsi.dll'.
2639	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\winnsi.dll)
2640	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\winnsi.dll
2641	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2642	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2643	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
2644	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2645	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2646	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
2647	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2648	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2649	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2650	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\crypt32.dll
2651	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\crypt32.dll (Input=crypt32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2652	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2653	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'cfgmgr32.dll'.
2654	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'msvcrt.dll'.
2655	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #22 'rpcrt4.dll'.
2656	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\setupapi.dll) WinVerifyTrust
2657	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\setupapi.dll
2658	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2659	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2660	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxdd2.dll'...
2661	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxdd2.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxdd2.dll' [rcNtRedir=0xc0150008]
2662	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2663	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2664	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\rpcrt4.dll
2665	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2666	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2667	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
2668	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
2669	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
2670	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2671	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2672	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2673	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2674	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll) WinVerifyTrust
2675	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2676	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxddu.dll'...
2677	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxddu.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxddu.dll' [rcNtRedir=0xc0150008]
2678	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2679	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2680	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2681	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2682	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2683	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2684	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2685	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll
2686	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2687	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2688	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2689	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2690	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'setupapi.dll'.
2691	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'newdev.dll'.
2692	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'advapi32.dll'.
2693	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll) WinVerifyTrust
2694	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2695	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2696	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2697	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2698	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2699	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2700	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'dsound.dll'...
2701	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'dsound.dll' -> '\Device\HarddiskVolume4\Windows\System32\dsound.dll' [rcNtRedir=0xc0150008]
2702	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000d90 pwszName=\Device\HarddiskVolume4\Windows\System32\dsound.dll
2703	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2704	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2705	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=ADB542ACB56917DACFC9792CAC57CDEED29A58E5
2706	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2707	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2708	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'newdev.dll'...
2709	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'newdev.dll' -> '\Device\HarddiskVolume4\Windows\System32\newdev.dll' [rcNtRedir=0xc0150008]
2710	10a4.530: Detected WinVerifyTrust recursion: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\newdev.dll'.
2711	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2712	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2713	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'user32.dll'.
2714	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'gdi32.dll'.
2715	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'uxtheme.dll'.
2716	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #7 'cfgmgr32.dll'.
2717	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #8 'setupapi.dll'.
2718	10a4.530: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\newdev.dll)
2719	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\newdev.dll
2720	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2721	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2722	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
2723	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2724	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2725	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2726	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2727	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2728	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2729	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'setupapi.dll'...
2730	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'setupapi.dll' -> '\Device\HarddiskVolume4\Windows\System32\setupapi.dll' [rcNtRedir=0xc0150008]
2731	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
2732	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'cfgmgr32.dll'...
2733	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'cfgmgr32.dll' -> '\Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll' [rcNtRedir=0xc0150008]
2734	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\cfgmgr32.dll [lacks WinVerifyTrust]
2735	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'uxtheme.dll'...
2736	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'uxtheme.dll' -> '\Device\HarddiskVolume4\Windows\System32\uxtheme.dll' [rcNtRedir=0xc0150008]
2737	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2738	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2739	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2740	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2741	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2742	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2743	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2744	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2745	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2746	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2747	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-avcore~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\dsound.dll'
2748	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2749	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2750	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'user32.dll'.
2751	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'advapi32.dll'.
2752	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ole32.dll'.
2753	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'winmm.dll'.
2754	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #6 'powrprof.dll'.
2755	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\dsound.dll) WinVerifyTrust
2756	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dsound.dll
2757	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2758	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2759	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'powrprof.dll'...
2760	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'powrprof.dll' -> '\Device\HarddiskVolume4\Windows\System32\powrprof.dll' [rcNtRedir=0xc0150008]
2761	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2762	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2763	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2764	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'rpcrt4.dll'.
2765	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\powrprof.dll) WinVerifyTrust
2766	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\powrprof.dll
2767	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'winmm.dll'...
2768	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'winmm.dll' -> '\Device\HarddiskVolume4\Windows\System32\winmm.dll' [rcNtRedir=0xc0150008]
2769	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
2770	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ole32.dll'...
2771	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'ole32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ole32.dll' [rcNtRedir=0xc0150008]
2772	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2773	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2774	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2775	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2776	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2777	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2778	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2779	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2780	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2781	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2782	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2783	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
2784	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
2785	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2786	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2787	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
2788	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\powrprof.dll
2789	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\newdev.dll [avoiding WinVerifyTrust]
2790	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
2791	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
2792	10a4.530: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\devrtl.dll)
2793	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\devrtl.dll
2794	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe5d90000 LB 0x00045000 C:\Windows\SYSTEM32\POWRPROF.dll [fFlags=0x0]
2795	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\powrprof.dll
2796	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffd7060000 LB 0x00087000 C:\Windows\SYSTEM32\DSOUND.dll [fFlags=0x0]
2797	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
2798	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe6d50000 LB 0x001d4000 C:\Windows\system32\SETUPAPI.dll [fFlags=0x0]
2799	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\setupapi.dll
2800	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffdba60000 LB 0x00014000 C:\Windows\SYSTEM32\devrtl.DLL [fFlags=0x0]
2801	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\devrtl.dll [avoiding WinVerifyTrust]
2802	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe9140000 LB 0x00054000 C:\Windows\SYSTEM32\newdev.dll [fFlags=0x0]
2803	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\newdev.dll [avoiding WinVerifyTrust]
2804	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe90d0000 LB 0x00061000 C:\Program Files\Oracle\VirtualBox\VBoxDDU.dll [fFlags=0x0]
2805	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDDU.dll
2806	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe9080000 LB 0x00035000 C:\Program Files\Oracle\VirtualBox\VBoxDD2.dll [fFlags=0x0]
2807	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2808	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe1320000 LB 0x0000a000 C:\Windows\SYSTEM32\WINNSI.DLL [fFlags=0x0]
2809	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winnsi.dll [avoiding WinVerifyTrust]
2810	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe1370000 LB 0x00029000 C:\Windows\SYSTEM32\IPHLPAPI.DLL [fFlags=0x0]
2811	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
2812	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffba410000 LB 0x008e1000 C:\Program Files\Oracle\VirtualBox\VBoxDD.DLL [fFlags=0x0]
2813	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD.dll
2814	10a4.530: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\devrtl.dll'.
2815	10a4.530: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\devrtl.dll' [rescheduled]
2816	10a4.530: Detected loader lock ownership: rc=Unknown Status 22900 (0x5974) '\Device\HarddiskVolume4\Windows\System32\newdev.dll'.
2817	10a4.530: supR3HardenedWinVerifyCacheProcessWvtTodos: 22900 (was 22900) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\newdev.dll' [rescheduled]
2818	10a4.530: Detected loader lock ownership: rc=VINF_SUCCESS '\Device\HarddiskVolume4\Windows\System32\winnsi.dll'.
2819	10a4.530: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 0) fWinVerifyTrust=0 for '\Device\HarddiskVolume4\Windows\System32\winnsi.dll' [rescheduled]
2820	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\dsound.dll
2821	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
2822	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
2823	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\SYSTEM32\DSOUND.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2824	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd7060000 'C:\Windows\SYSTEM32\DSOUND.dll'
2825	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffba410000 'C:\Program Files\Oracle\VirtualBox/VBoxDD.DLL'
2826	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2827	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2828	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2829	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2830	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe2390000 LB 0x00033000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.DLL [fFlags=0x0]
2831	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxHostWebcam.dll
2832	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe2390000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxHostWebcam.DLL'
2833	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2834	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxC.dll
2835	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxC.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2836	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffbc820000 'C:\Program Files\Oracle\VirtualBox/VBoxC.DLL'
2837	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2838	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxDD2.dll
2839	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2840	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9080000 'C:\Program Files\Oracle\VirtualBox/VBoxDD2.DLL'
2841	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2842	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2843	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2844	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2845	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll) WinVerifyTrust
2846	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
2847	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2848	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2849	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2850	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2851	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2852	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
2853	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe9060000 LB 0x0001d000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.DLL [fFlags=0x0]
2854	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxEhciR3.dll
2855	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe9060000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxEhciR3.DLL'
2856	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2857	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2858	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2859	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2860	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll) WinVerifyTrust
2861	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
2862	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2863	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2864	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2865	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2866	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2867	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
2868	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe29f0000 LB 0x00018000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.DLL [fFlags=0x0]
2869	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbCardReaderR3.dll
2870	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe29f0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbCardReaderR3.DLL'
2871	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2872	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2873	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2874	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2875	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll) WinVerifyTrust
2876	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
2877	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2878	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2879	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2880	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2881	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2882	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
2883	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe2760000 LB 0x00019000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.DLL [fFlags=0x0]
2884	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VBoxUsbWebcamR3.dll
2885	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe2760000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VBoxUsbWebcamR3.DLL'
2886	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2887	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2888	10a4.1718: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2889	10a4.1718: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2890	10a4.1718: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxvmm.dll'.
2891	10a4.1718: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'vboxrt.dll'.
2892	10a4.1718: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll) WinVerifyTrust
2893	10a4.1718: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
2894	10a4.1718: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2895	10a4.1718: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2896	10a4.1718: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxvmm.dll'...
2897	10a4.1718: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxvmm.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxvmm.dll' [rcNtRedir=0xc0150008]
2898	10a4.1718: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxVMM.dll
2899	10a4.1718: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2900	10a4.1718: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2901	10a4.1718: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2902	10a4.1718: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
2903	10a4.1718: supR3HardenedDllNotificationCallback: load 00007fffe8dc0000 LB 0x0000d000 C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL [fFlags=0x0]
2904	10a4.1718: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\VBoxSharedFolders.dll
2905	10a4.1718: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe8dc0000 'C:\Program Files\Oracle\VirtualBox\VBoxSharedFolders.DLL'
2906	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2907	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2908	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcr100.dll'.
2909	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'vboxrt.dll'.
2910	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'user32.dll'.
2911	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'gdi32.dll'.
2912	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'advapi32.dll'.
2913	10a4.530: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll) WinVerifyTrust
2914	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
2915	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'advapi32.dll'...
2916	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'advapi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\advapi32.dll' [rcNtRedir=0xc0150008]
2917	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'gdi32.dll'...
2918	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'gdi32.dll' -> '\Device\HarddiskVolume4\Windows\System32\gdi32.dll' [rcNtRedir=0xc0150008]
2919	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'user32.dll'...
2920	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'user32.dll' -> '\Device\HarddiskVolume4\Windows\System32\user32.dll' [rcNtRedir=0xc0150008]
2921	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'vboxrt.dll'...
2922	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'vboxrt.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\vboxrt.dll' [rcNtRedir=0xc0150008]
2923	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcr100.dll'...
2924	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcr100.dll' -> '\Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\msvcr100.dll' [rcNtRedir=0xc0150008]
2925	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2926	10a4.530: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
2927	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffddfa0000 LB 0x000c4000 C:\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.DLL [fFlags=0x0]
2928	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Program Files\Oracle\VirtualBox\ExtensionPacks\Oracle_VM_VirtualBox_Extension_Pack\win.amd64\VDPluginCrypt.dll
2929	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffddfa0000 'C:\Program Files\Oracle\VirtualBox/ExtensionPacks/Oracle_VM_VirtualBox_Extension_Pack/win.amd64/VDPluginCrypt.DLL'
2930	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\IPHLPAPI.DLL
2931	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/Iphlpapi.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2932	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe1370000 'C:\Windows\system32/Iphlpapi.dll'
2933	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #2 'rpcrt4.dll'.
2934	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'ws2_32.dll'.
2935	10a4.530: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll)
2936	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll
2937	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe0f50000 LB 0x00014000 C:\Windows\SYSTEM32\dhcpcsvc6.DLL [fFlags=0x0]
2938	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll [avoiding WinVerifyTrust]
2939	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
2940	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
2941	10a4.530: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #5 'nsi.dll'.
2942	10a4.530: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll)
2943	10a4.530: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll
2944	10a4.530: supR3HardenedDllNotificationCallback: load 00007fffe1020000 LB 0x00019000 C:\Windows\SYSTEM32\dhcpcsvc.DLL [fFlags=0x0]
2945	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll [avoiding WinVerifyTrust]
2946	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f68 pwszName=\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll
2947	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2948	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2949	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=5325E9A5D4C6ECE16AA73B6D9686369868F589BE
2950	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'nsi.dll'...
2951	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'nsi.dll' -> '\Device\HarddiskVolume4\Windows\System32\nsi.dll' [rcNtRedir=0xc0150008]
2952	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\nsi.dll [lacks WinVerifyTrust]
2953	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2954	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2955	10a4.530: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\ws2_32.dll
2956	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2957	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2958	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
2959	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
2960	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
2961	10a4.530: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
2962	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2963	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2964	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_155_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll'
2965	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2966	10a4.530: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dhcpcsvc.dll'
2967	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000f5c pwszName=\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll
2968	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2969	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2970	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=427F9E22A3130EE4C7C75D62DD2A4FFDD7FDEA10
2971	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2972	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2973	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_155_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll'
2974	10a4.530: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2975	10a4.530: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\dhcpcsvc6.dll'
2976	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffd4de0000 'C:\Program Files\Oracle\VirtualBox\VBoxVMM.DLL'
2977	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2978	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe70d0000 'C:\Windows\system32\user32.dll'
2979	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\winmm.dll
2980	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\SYSTEM32\WINMM.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2981	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe3880000 'C:\Windows\SYSTEM32\WINMM.dll'
2982	10a4.530: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\kernel32.dll
2983	10a4.530: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32/kernel32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
2984	10a4.530: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6f30000 'C:\Windows\system32/kernel32.dll'
2985	10a4.1ac8: '\Device\HarddiskVolume4\Windows\System32\tzres.dll' has no imports
2986	10a4.1ac8: supHardenedWinVerifyImageByHandle: -> 22900 (\Device\HarddiskVolume4\Windows\System32\tzres.dll)
2987	10a4.1ac8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\tzres.dll
2988	10a4.1ac8: supR3HardenedScreenImage/NtCreateSection: cache hit (Unknown Status 22900 (0x5974)) on \Device\HarddiskVolume4\Windows\System32\tzres.dll [avoiding WinVerifyTrust]
2989	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000001134 pwszName=\Device\HarddiskVolume4\Windows\System32\tzres.dll
2990	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
2991	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
2992	10a4.1ac8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6200000 'C:\Windows\System32\WINTRUST.DLL'
2993	10a4.1ac8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\CRYPT32.dll'
2994	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=2C2912B1AF73A6796732D1488D75007F742A3299
2995	10a4.1ac8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
2996	10a4.1ac8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
2997	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Package_3574_for_KB2919355~31bf3856ad364e35~amd64~~6.3.1.14.cat'; file='\Device\HarddiskVolume4\Windows\System32\tzres.dll'
2998	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
2999	10a4.1ac8: supR3HardenedWinVerifyCacheProcessWvtTodos: 0 (was 22900) fWinVerifyTrust=1 for '\Device\HarddiskVolume4\Windows\System32\tzres.dll'
3000	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000007a8 pwszName=\Device\HarddiskVolume4\Windows\System32\mswsock.dll
3001	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
3002	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
3003	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=C64ACDC3BD0BFFE24C87951473EBAE5CBEDAA02F
3004	10a4.1ac8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
3005	10a4.1ac8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
3006	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-CoreSystem-Minio-Package~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\mswsock.dll'
3007	10a4.1ac8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3008	10a4.1ac8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'rpcrt4.dll'.
3009	10a4.1ac8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #4 'ws2_32.dll'.
3010	10a4.1ac8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mswsock.dll) WinVerifyTrust
3011	10a4.1ac8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mswsock.dll
3012	10a4.1ac8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'ws2_32.dll'...
3013	10a4.1ac8: supR3HardenedWinVerifyCacheProcessImportTodos: 'ws2_32.dll' -> '\Device\HarddiskVolume4\Windows\System32\ws2_32.dll' [rcNtRedir=0xc0150008]
3014	10a4.1ac8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'rpcrt4.dll'...
3015	10a4.1ac8: supR3HardenedWinVerifyCacheProcessImportTodos: 'rpcrt4.dll' -> '\Device\HarddiskVolume4\Windows\System32\rpcrt4.dll' [rcNtRedir=0xc0150008]
3016	10a4.1ac8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mswsock.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3017	10a4.1ac8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mswsock.dll
3018	10a4.1ac8: supR3HardenedDllNotificationCallback: load 00007fffe5610000 LB 0x00058000 C:\Windows\system32\mswsock.dll [fFlags=0x0]
3019	10a4.1ac8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mswsock.dll
3020	10a4.1ac8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe5610000 'C:\Windows\system32\mswsock.dll'
3021	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=0000000000000e5c pwszName=\Device\HarddiskVolume4\Windows\System32\mscms.dll
3022	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
3023	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
3024	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=603F84ABA4E8DD75D802CF57F5ABB2D0968221E0
3025	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
3026	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
3027	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\mscms.dll'
3028	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3029	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3030	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #3 'userenv.dll'.
3031	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\mscms.dll) WinVerifyTrust
3032	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\mscms.dll
3033	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'userenv.dll'...
3034	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'userenv.dll' -> '\Device\HarddiskVolume4\Windows\System32\userenv.dll' [rcNtRedir=0xc0150008]
3035	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\userenv.dll
3036	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3037	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3038	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\mscms.dll (Input=mscms.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3039	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mscms.dll
3040	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffbfa80000 LB 0x0008d000 C:\Windows\system32\mscms.dll [fFlags=0x0]
3041	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mscms.dll
3042	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffbfa80000 'C:\Windows\system32\mscms.dll'
3043	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hFile=00000000000011b0 pwszName=\Device\HarddiskVolume4\Windows\System32\icm32.dll
3044	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: Cached context 0000000000dbf310
3045	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: hCatAdmin=0000000000dbf310
3046	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: cbHash=20 wszDigest=87FD7D3BB298BC790CD5163953E8A559775122F0
3047	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe52f0000 'C:\Windows\system32\rsaenh.dll'
3048	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe6020000 'C:\Windows\system32\crypt32.dll'
3049	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile: WinVerifyTrust => 0x0; cat='C:\Windows\system32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package-AutoMerged-windows~31bf3856ad364e35~amd64~~6.3.9600.16384.cat'; file='\Device\HarddiskVolume4\Windows\System32\icm32.dll'
3050	10a4.2c8: supR3HardNtViCallWinVerifyTrustCatFile -> 0 (org 22900)
3051	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #0 'msvcrt.dll'.
3052	10a4.2c8: supR3HardenedWinVerifyCacheScheduleImports: Import todo: #1 'mscms.dll'.
3053	10a4.2c8: supHardenedWinVerifyImageByHandle: -> 0 (\Device\HarddiskVolume4\Windows\System32\icm32.dll) WinVerifyTrust
3054	10a4.2c8: supR3HardenedWinVerifyCacheInsert: \Device\HarddiskVolume4\Windows\System32\icm32.dll
3055	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'mscms.dll'...
3056	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'mscms.dll' -> '\Device\HarddiskVolume4\Windows\System32\mscms.dll' [rcNtRedir=0xc0150008]
3057	10a4.2c8: supR3HardenedScreenImage/Imports: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\mscms.dll
3058	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: Processing 'msvcrt.dll'...
3059	10a4.2c8: supR3HardenedWinVerifyCacheProcessImportTodos: 'msvcrt.dll' -> '\Device\HarddiskVolume4\Windows\System32\msvcrt.dll' [rcNtRedir=0xc0150008]
3060	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\icm32.dll (Input=icm32.dll, rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000801:<flags> [calling]
3061	10a4.2c8: supR3HardenedScreenImage/NtCreateSection: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\icm32.dll
3062	10a4.2c8: supR3HardenedDllNotificationCallback: load 00007fffe2340000 LB 0x00041000 C:\Windows\system32\icm32.dll [fFlags=0x0]
3063	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\icm32.dll
3064	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe2340000 'C:\Windows\system32\icm32.dll'
3065	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
3066	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3067	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32\shell32.dll'
3068	10a4.2c8: supR3HardenedScreenImage/LdrLoadDll: cache hit (VINF_SUCCESS) on \Device\HarddiskVolume4\Windows\System32\shell32.dll
3069	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: pName=C:\Windows\system32\shell32.dll (rcNtResolve=0xc0150008) *pfFlags=0x0 pwszSearchPath=0000000000000001:<flags> [calling]
3070	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32\shell32.dll'
3071	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32\shell32.dll'
3072	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32\shell32.dll'
3073	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32\shell32.dll'
3074	10a4.2c8: supR3HardenedMonitor_LdrLoadDll: returns rcNt=0x0 hMod=00007fffe73c0000 'C:\Windows\system32\shell32.dll'
3075	c8c.ec4: supR3HardNtChildWaitFor[2]: Quitting: ExitCode=0xc0000374 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 212922 ms, the end);
3076	1dcc.1798: supR3HardNtChildWaitFor[1]: Quitting: ExitCode=0xc0000374 (rcNtWait=0x0, rcNt1=0x0, rcNt2=0x103, rcNt3=0x103, 213681 ms, the end);

Download in other formats:

Original Format